[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: How do I allow root to edit mdb database? [SOLVED]

On 08/05/2016 09:08 AM, Frank Swasey wrote:
> Today at 8:10am, John Lewis wrote:
>
>> olcAccess: {0}to * by
>> dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage
>> by * break
>> olcAccess: {1}to dn.base="" by * read
>> olcAccess: {2}to * by * read
>> olcAccess: {3}to attrs=userPassword,shadowLastChange by self write by
>> anonymous auth by * none
>
> And the world can read your passwords...
>
> Order *is* important.  First match wins.  At the very least you need
> to put #2 as the very last rule.
>
How is this? 

olcAccess: {0}to * by
dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage
by * break
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to attrs=userPassword,shadowLastChange by self write by
anonymous auth by * none
olcAccess: {3}to * by * read


You said to do that at the very least. What else do you think I should do?