[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Disable NULL BASE queries

At 12:40 PM 2/5/2004, Dieter Kluenter wrote:
>That requirement is violating RFC-2251,3.4 

Subjecting root DSE information to access controls
is not counter to RFC 2251.

That said, I think "Risk factor : Medium" is quite bogus.
Security by obscurity (hiding the naming context) is no
security at all.

Administrators should take note that values of the root
DSE are primarily made available for auto-discovery.  If
you hide these values, you'll break auto-discovery.