[Date Prev][Date Next] [Chronological] [Thread] [Top]

Possible security problem with openldap install (ITS#133)



Hi,

I'm already using openldap-1.2 on a Linux and on a Sunos4 system. But
when I had a close look at the "make install" log I noticed that some
auxiliary files are created in /tmp, with predictable names like
"xrpcomp.tmp".

Since the installation usually has to be done by root, this is a
possible security hazard: someone could create a symbolic link, like for
instance "ln -s /etc/passwd /tmp/xrpcomp.tmp" and wait for the
administrator to (re)install openldap. Although this won't happen to
often, it may still be predictable on a system where openldap exists
and gets updated from time to time, or where the installation of an
ldap server was announced. The administrator would then overwrite an
arbitrary file on his/her system with all the dire consequences this
may have.

I'd therefore suggest to either remove all temporarily created files
before using them (but this is only a partial solution as it opens up
a race condition) or, better still, only create files in directories
which are not writable by ordinary users. You might create (and later
on delete) a temporary subdirectory of the ldap build directory, for
instance.

Although I'm complaining, let me say a big "thank you" for the good
work you've done!

  Detlef