[Date Prev][Date Next] [Chronological] [Thread] [Top]

restricting access to application?

To: openldap-software@OpenLDAP.org
Subject: restricting access to application?
From: Piotr Wadas <pwadas@jewish.org.pl>
Date: Mon, 26 Apr 2004 17:26:15 +0200 (CEST)

Using 2.1.29/bdb 4.52/i386

Is it possible with openldap to restrict using of particular application
existing in the system? I keep accounts in LDAP including shell, password,
and similar information, and I'd like to specify, that particular user
can use some binaries or not (chmod of binary in ldap), or specify, that
particular user can connect to local socket, e.g postgresql/mysql socket,
or IP address of local machine? The last one is probably possible with
some iptables scripts such as uif, which is able to read rulesets from
LDAP, however it would be nice to force kernel to ask openldap for rules
without such scripts.
Do I expect from OpenLDAP too much? :) Is it some rather application-side
or kernel-side problem?
P.

Follow-Ups:
- Re: restricting access to application?
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: RE: multiple attribute search with single return slowness
Next by Date: Re: 2.2.11 won't run?
Index(es):
- Chronological
- Thread