[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#4127) "access" modification by back-config stops slapd in case of syntax error when no -F is provided

To: openldap-its@OpenLDAP.org
Subject: (ITS#4127) "access" modification by back-config stops slapd in case of syntax error when no -F is provided
From: ando@sys-net.it
Date: Mon, 31 Oct 2005 14:23:06 GMT

Full_Name: Pierangelo Masarati
Version: HEAD/re23
OS: irrelevant
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (81.74.43.82)
Submitted by: ando


"access" writing via back-config uses the underlying parse_acl() calls; this may
result in calling exit() in case of syntax error.  This is not a security issue
per se, although it may lead to DoS, because access writing needs rootdn
credentials for the config database.  I suspect similar issues may exist when
parsing other legacy data.

p.

Prev by Date: Re: ITS#3850 hang after deferring : binding
Next by Date: (ITS#4128) back-config core dumps when initializing directory
Index(es):
- Chronological
- Thread