[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#8057) slapo-unique can be bypassed by anyone

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#8057) slapo-unique can be bypassed by anyone
From: quanah@zimbra.com
Date: Tue, 07 Apr 2015 03:01:20 +0000
Auto-submitted: auto-generated (OpenLDAP-ITS)

--On Saturday, February 14, 2015 6:16 PM +0000 ondra@mistotebe.net wrote:

> Full_Name: Ondrej Kuznik
> Version: master
> OS:
> URL:
> ftp://ftp.openldap.org/pub/Ondrej-Kuznik-20150214-ITS-8057-uniqueness-ACL
> .patch Submission from: (NULL) (86.177.93.243)
>
>
> This is caused by my fix for #6641. Since anyone can specify the
> manageDSAit control on an operation it is trivial to bypass the
> uniqueness check as it stands.

This "fix" causes OpenLDAP to crash during replication:

<http://fpaste.org/207817/70741142/>

--Quanah



--

Quanah Gibson-Mount
Platform Architect
Zimbra, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration

Prev by Date: (ITS#8097) update nssov to nss-pam-ldapd 0.9.4
Next by Date: Re: (ITS#8057) slapo-unique can be bypassed by anyone
Index(es):
- Chronological
- Thread