[Pkg-openldap-devel] slapd: dangerous access rule in default config
Luca Bruno
lucab at debian.org
Tue Jan 27 17:14:15 UTC 2015
On Tuesday 27 January 2015 17:35:08 Yves-Alexis Perez wrote:
> > Is that right? An automatic configuration change was mentioned in the
> > context above, is that also a possibility?
>
> In any case, I'd trust you as slapd maintainers to take the right
> decision :)
I'm quite new to openldap, but I see that database handling is very fragile.
I'll basically follow whatever Ryan will suggest on this.
> > How can I help? By providing a debdiff for the backported change? By
> > contacting upstream about fixing their documentation? Anything else? (By
> > getting the mailing list fixed, certainly...)
>
> Upstream contact would be nice. For the stable upload, there's no rush
> (since the thing is already public right now and we just want exposure
> so people are somehow forced to fix their setup).
It looks like the saner config has never been ported to stable, so I think
that the bare minimum for the DSA is that. Let us know if we should nag the
user in other ways. For the rest, I think that Ryan has both better contacts
with upstream and the knowledge to speak about the automatic fix.
Cheers, Luca
--
.''`. ** Debian GNU/Linux ** | Luca Bruno (kaeso)
: :' : The Universal O.S. | lucab (AT) debian.org
`. `'` | GPG Key ID: 0x4F3BBEBF
`- http://www.debian.org | Debian GNU/Linux Developer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/pkg-openldap-devel/attachments/20150127/dc07282b/attachment.sig>
More information about the Pkg-openldap-devel
mailing list