[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Openldap 2.0.7 and security

To: "Nicolas Prochazka" <nicolas.prochazka@valiosys.com>
Subject: Re: Openldap 2.0.7 and security
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Wed, 18 Apr 2001 13:21:40 -0700
Cc: "OpenLDAP Devel" <openldap-devel@OpenLDAP.org>
In-reply-to: <NEBBIGCDMPNPACFKIFEPOEBOCBAA.nicolas.prochazka@valiosys.co m>
References: <3ADC4CCA.50880BE1@cri74.org>

At 07:44 AM 4/17/01, Nicolas Prochazka wrote:
>Is openldap secure or where can i find more information about this subject.

The answer must be either "no" or "maybe" as one cannot prove
an application such as OpenLDAP ever to be "secure".  With
OpenLDAP, I would say that there are known security issues,
such a vulnerability to DoS attack, which can be addressed
though proper deployment of OpenLDAP for your use.  Questions
regarding how to use OpenLDAP should be directed to the
openldap-software mailing list.

Of course, there are quite a number of areas for development
to improve security... see the TODO list for starters.

Kurt

References:
- back-sql with postgresql
  - From: Loïc TREGOUËT <loic@cri74.org>

Prev by Date: Re: backsql_get_attr_vals()
Next by Date: Problem with directoryString attribute type
Index(es):
- Chronological
- Thread