[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#8057) slapo-unique can be bypassed by anyone

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#8057) slapo-unique can be bypassed by anyone
From: quanah@zimbra.com
Date: Tue, 07 Apr 2015 03:03:37 +0000
Auto-submitted: auto-generated (OpenLDAP-ITS)

--On Tuesday, April 07, 2015 4:01 AM +0000 quanah@zimbra.com wrote:

> --On Saturday, February 14, 2015 6:16 PM +0000 ondra@mistotebe.net wrote:
>
>> Full_Name: Ondrej Kuznik
>> Version: master
>> OS:
>> URL:
>> ftp://ftp.openldap.org/pub/Ondrej-Kuznik-20150214-ITS-8057-uniqueness-ACL
>> .patch Submission from: (NULL) (86.177.93.243)
>>
>>
>> This is caused by my fix for #6641. Since anyone can specify the
>> manageDSAit control on an operation it is trivial to bypass the
>> uniqueness check as it stands.
>
> This "fix" causes OpenLDAP to crash during replication:
>
> <http://fpaste.org/207817/70741142/>

Also crashes when using ldapmodify -M or ldapmodrdn -M

--Quanah


--

Quanah Gibson-Mount
Platform Architect
Zimbra, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration

Prev by Date: Re: (ITS#8057) slapo-unique can be bypassed by anyone
Next by Date: (ITS#8098) Memory leakage
Index(es):
- Chronological
- Thread