[Date Prev][Date Next] [Chronological] [Thread] [Top]

[no subject]

  Hello !I use internet scanner to scan my openldap system,it finds several security bugs.
1. use NULL bind entry can result in anonymous access
2.cn=monitor can get some information from system
3.cn=config can get some informaiton from system.

ACL in my system configuration is such as:

defaultaccess none

access to  attr=userPassword
        by self compare
        by group="cn=admin,ou=Groups,dc=compnay,dc=net" write
        by * none

access to *
        by self read
        by group="cn=admin,ou=Groups,dc=company,dc=net" write
        by * none

I want to know how can I close these features.
I can't find any useful informations in Openldap adminstration  and FAQ.So pleas help me.