[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP security woes.

To: mark@ferraretto.com
Subject: Re: OpenLDAP security woes.
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Mon, 15 May 2000 21:35:26 -0700
Cc: openldap-software@OpenLDAP.org
In-reply-to: <Pine.LNX.4.21.0005160908100.8657-100000@pilot.internal.fer raretto.net>
References: <3.0.5.32.20000515072715.00943610@infidel.boolean.net>

At 09:17 AM 5/16/00 +0930, Mark Ferraretto wrote:
>Here's an extract from running the server with -d 255.  This is when kldap
>is trying to bind as 
>ou=mferrare, ou=PDS, dc=ferraretto, dc=com.
>ou=mferrare owns all the entries in the ou.  It has a userpassword field
>and each field below it has an owner attribute set to ou=mferrare,ou...
>
>Looks like kldap is binding anonymously for the search.  Am I correct?

It appear so.

References:
- Re: OpenLDAP security woes.
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: Re: OpenLDAP security woes.
Next by Date: Re: solaris2.6 threads
Index(es):
- Chronological
- Thread