Em 29-01-2014 01:41, Armin K. escreveu: > Partially fixed. I am still pointing out that having slapd configuration > files and ldap databases in /var/lib/openldap readable by anyone is a > SECURITY ISSUE. Especially since a file stores admin password in the > PLAIN TEXT. That's why mode 640 and root:ldap ownership was used. root > owner, so only root could modify the file and ldap group so the group > which owns slapd daemon could read but not modify the file in case of > security breach.
I am reopening the ticket. -- []s, Fernando -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
