
Re: (ITS#4750) libldap initialization of ~/.ldaprc and setuid

Russ Allbery wrote:

> I assume from the ldap.conf documentation that if tls_cacertfile is set,
> tls_cacertdir is irrelevant?  Or are both explored for a root cert to
> validate the remote server?

Both will get used.

> I think that if both the NSS and PAM modules deal with those variables,
> that removes most of my concern.  I'd still feel generally better with a
> safety net in the library for setuid processes on the principle of defense
> in depth and because safely using the LDAP library in such a situation
> requires thinking more about configuration initialization than I think
> some users may realize, but I'll freely admit that my concern at that
> point is theoretical.

I'm not totally convinced yet, will think about it. The patch would have to be #ifdef'd (HAVE_GETEUID or something) since it would not be relevant on Windows and some other obscure platforms.
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
OpenLDAP Core Team http://www.openldap.org/project/
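The "safety net" under discussion, as an added example that is not part of the thread or of OpenLDAP's libldap: a small configuration loader that reads the system-wide ldap.conf, then the per-user ~/.ldaprc, but skips the user file whenever the process's real and effective uid/gid differ, i.e. when it is running setuid or setgid and the file's owner could otherwise steer options such as tls_cacertfile in a privileged process. The guard is wrapped in `#ifdef HAVE_GETEUID` as Howard suggests so that platforms without that call fall back to the current behaviour. The struct and function names (`ldap_opts`, `rc_allowed_for_ids`, `user_rc_allowed`, `load_config`) and the sample config text are hypothetical and constructed for this example.

```c
/* Added example, not OpenLDAP code: ignore ~/.ldaprc when the process is
 * setuid/setgid.  Names (ldap_opts, rc_allowed_for_ids, load_config) and
 * the sample config text below are hypothetical/constructed. */
#include <stdio.h>
#include <string.h>
#include <strings.h>
#include <sys/types.h>
#include <unistd.h>

#define HAVE_GETEUID 1   /* assumed: a configure-time macro on POSIX hosts */

struct ldap_opts {
    char tls_cacertfile[256];
    char tls_cacertdir[256];
    int  user_rc_skipped;    /* set when ~/.ldaprc was deliberately not read */
};

/* Pure decision, kept separate so it can be tested without changing ids:
 * a per-user rc file is honoured only when real and effective ids match,
 * i.e. the process has not gained privilege through setuid/setgid bits. */
int rc_allowed_for_ids(uid_t ruid, uid_t euid, gid_t rgid, gid_t egid)
{
    return ruid == euid && rgid == egid;
}

int user_rc_allowed(void)
{
#ifdef HAVE_GETEUID
    return rc_allowed_for_ids(getuid(), geteuid(), getgid(), getegid());
#else
    return 1;   /* no setuid model on this platform (e.g. Windows): nothing to guard */
#endif
}

/* Minimal "KEY value" parser in the spirit of ldap.conf(5).  Later sources
 * override earlier ones, which is exactly why a user-writable source is
 * risky when the process runs with someone else's privileges. */
void parse_config(struct ldap_opts *o, const char *text)
{
    char line[512];
    const char *p = text;

    while (*p) {
        size_t n = strcspn(p, "\n");
        if (n >= sizeof line) n = sizeof line - 1;   /* truncate over-long lines */
        memcpy(line, p, n);
        line[n] = '\0';
        p += n;
        if (*p == '\n') p++;

        char *key = line;
        while (*key == ' ' || *key == '\t') key++;
        if (*key == '#' || *key == '\0') continue;   /* comment or blank line */

        char *val = key + strcspn(key, " \t");
        if (*val) {
            *val++ = '\0';
            while (*val == ' ' || *val == '\t') val++;
        }
        if (strcasecmp(key, "TLS_CACERTFILE") == 0)
            snprintf(o->tls_cacertfile, sizeof o->tls_cacertfile, "%s", val);
        else if (strcasecmp(key, "TLS_CACERTDIR") == 0)
            snprintf(o->tls_cacertdir, sizeof o->tls_cacertdir, "%s", val);
        /* other keys are ignored by this toy parser */
    }
}

/* Load order: system-wide ldap.conf first, then the user's ~/.ldaprc, the
 * latter only when allow_user_rc is true (callers pass user_rc_allowed()). */
void load_config(struct ldap_opts *o, const char *system_conf,
                 const char *user_rc, int allow_user_rc)
{
    memset(o, 0, sizeof *o);
    parse_config(o, system_conf);
    if (allow_user_rc)
        parse_config(o, user_rc);
    else
        o->user_rc_skipped = 1;
}

/* Constructed sample inputs standing in for /etc/openldap/ldap.conf and ~/.ldaprc. */
static const char SYSTEM_CONF[] =
    "# system-wide defaults\n"
    "TLS_CACERTFILE /etc/openldap/certs/ca-bundle.pem\n"
    "TLS_CACERTDIR  /etc/openldap/certs\n";

static const char USER_RC[] =
    "TLS_CACERTFILE /home/alice/.ldap/my-ca.pem\n";

int main(void)
{
    struct ldap_opts o;
    load_config(&o, SYSTEM_CONF, USER_RC, user_rc_allowed());
    printf("cacertfile=%s cacertdir=%s user_rc_skipped=%d\n",
           o.tls_cacertfile, o.tls_cacertdir, o.user_rc_skipped);
    return 0;
}
```

Run normally, the user file wins and `tls_cacertfile` points at the user's CA; run with differing real and effective ids, the loader keeps the system-wide CA bundle and flags that the user rc was skipped, which a caller can log. Checking both uid and gid matters because a setgid-only binary still lets the invoking user pick the rc file's contents.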