[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SSF and binds

To: openldap-software@OpenLDAP.org
Subject: Re: SSF and binds
From: Dieter Kluenter <dieter@dkluenter.de>
Date: Tue, 14 Sep 2004 19:16:05 +0200
In-reply-to: <4146FA4C.2060808@Goerwitz.COM> (Richard L. Goerwitz, III's message of "Tue, 14 Sep 2004 09:03:56 -0500")
References: <C1DC40E292E2E74E9FA67C31139E52B33A7DDC@ukmail007.betrusted.com> <4146F077.7000402@mango.com> <4146FA4C.2060808@Goerwitz.COM>
User-agent: Gnus/5.1002 (Gnus v5.10.2) XEmacs/21.4 (Rational FORTRAN, linux)

"Richard L. Goerwitz III" <richard@Goerwitz.com> writes:

> Is there any way in OpenLDAP 2.2.x to say the following:
>
>    1) binds must occur over sessions with an SSF of at least 63
>
>    2) UNLESS the peer is 127.0.0.1 (in which case a lower SSF is
>       acceptable)

Yes that is posible, in principle. But I would use  ldapi instead of
localhost. The socket has a build-in ssf of 71.

-Dieter

-- 
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:8C183C8622115328

Follow-Ups:
- Re: SSF and binds
  - From: "Richard L. Goerwitz III" <richard@goerwitz.com>

References:
- RE: Extended attrs search
  - From: Dhiren Pankhania <dpankhania@beTRUSTed.com>
- Re: Extended attrs search
  - From: Saxa Egea <saxa.egea@mango.com>
- SSF and binds
  - From: "Richard L. Goerwitz III" <richard@Goerwitz.com>

Prev by Date: Re: IMHO incorrect info in the documentation
Next by Date: beginner problem
Index(es):
- Chronological
- Thread