[Freeipa-devel] Visibility of the sensitive LDAP data
Simo Sorce
simo at redhat.com
Wed Jun 8 18:30:20 UTC 2011
On Wed, 2011-06-08 at 14:15 -0400, Dmitri Pal wrote:
> Hi,
>
> We have been through this some time before and the decision made then
> still left me uneasy.
> We said that LDAP is by nature something that is readable by an
> authenticated user. Other than special password and key related
> attributes everything else should be readable.
>
> Now we have a bug https://bugzilla.redhat.com/show_bug.cgi?id=711693
> It seems reasonable to hide the SUDO information from the normal user
> and not make it widely available. I would argue that the HBAC should
> fall into the same category.
> I suspect there is a way to hide this information and if we implemented
> everything correctly the UI and CLI should not fail and respecting the
> effective rights will not present the UI or fail the CLI command.
> So what should we do:
> 1) Leave as is and not bother at all (i.e. it is what it is)
> 2) Leave as is and defer the solution till later (do not fix it in 2.1
> defer to 2.2)
> 3) Leave as is but document how to do it using permissions & ACIs
> 4) Provide default ACIs that would hide the records for the broad user
> population
>
> Looking for an opinion here.
I am for (2)
Simo.
--
Simo Sorce * Red Hat, Inc * New York
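For readers weighing option (4), a constructed 389 Directory Server ACI showing the shape such a default rule would take; this is an added illustration, not anything from the thread or from FreeIPA itself, and the container and group DNs under dc=example,dc=com are assumed.

```ldif
# Constructed example: deny authenticated users who are not in the
# admins group read/search/compare access to the sudo rules subtree.
# DNs assume a FreeIPA-style layout under dc=example,dc=com.
dn: cn=sudorules,cn=sudo,dc=example,dc=com
changetype: modify
add: aci
aci: (targetattr = "*")
 (target = "ldap:///cn=sudorules,cn=sudo,dc=example,dc=com")
 (version 3.0; acl "Hide sudo rules from non-admin users";
 deny (read, search, compare)
 userdn = "ldap:///all" and not
 groupdn = "ldap:///cn=admins,cn=groups,cn=accounts,dc=example,dc=com";)
```

Because deny rules take precedence over allow rules in 389 DS, whatever identity the sudo clients use to fetch the rules in a given deployment must also be carved out of the bind rule, or those clients stop seeing their rules; a search as a non-admin user should then return no sudo entries rather than an error, which is the behaviour the UI and CLI need to cope with.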