[Fedora-directory-commits] adminserver/admserv/schema/ldif 11dstasks.ldif.tmpl, 1.4, 1.5
Richard Allen Megginson (rmeggins)
fedora-directory-commits at redhat.com
Wed Nov 14 17:51:58 UTC 2007
- Previous message (by thread): [Fedora-directory-commits] adminserver Makefile.am, 1.34, 1.35 aclocal.m4, 1.33, 1.34 configure, 1.37, 1.38 missing, 1.23, 1.24 install-sh, 1.23, 1.24 Makefile.in, 1.40, 1.41 depcomp, 1.23, 1.24 config.sub, 1.23, 1.24 config.guess, 1.23, 1.24 compile, 1.22, 1.23
- Next message (by thread): [Fedora-directory-commits] adminserver/lib/libdsa dsalib_conf.c, 1.5, 1.6 dsalib_db.c, 1.4, 1.5 dsalib_util.c, 1.3, 1.4 dsalib_dn.c, 1.2, NONE dsalib_filename.c, 1.2, NONE dsalib_ldif.c, 1.3, NONE dsalib_pw.c, 1.2, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: rmeggins
Update of /cvs/dirsec/adminserver/admserv/schema/ldif
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5290/adminserver/admserv/schema/ldif
Modified Files:
11dstasks.ldif.tmpl
Log Message:
Resolves: bug 186280
Bug Description: Close potential security vulnerabilities in CGI code
Reviewed by: nhosoi (Thanks!)
Fix Description: This is for the CGIs moved into adminserver from ds. There is quite a bit of code here that we don't use anymore. We can also get rid of Import.java and Export.java in the ds console code. This addresses the security issues because, even though the console doesn't ever call the tasks that invoke the CGIs for db2ldif, ldif2db, etc. a malicious user could still attempt to invoke a task remotely and pass in bogus file and directory names.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
Index: 11dstasks.ldif.tmpl
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/schema/ldif/11dstasks.ldif.tmpl,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- 11dstasks.ldif.tmpl 4 Jul 2007 01:31:33 -0000 1.4
+++ 11dstasks.ldif.tmpl 14 Nov 2007 17:51:55 -0000 1.5
@@ -63,7 +63,6 @@
objectClass: nstask
objectClass: nsAdminObject
nsClassname: com.netscape.admin.dirserv.task.Backup@%ds_console_jar%@%as_sie%
-nsExecRef: ds_db2bak
cn: Backup
dn: cn=Restore, cn=operation, cn=Tasks, %ds_sie%
@@ -71,7 +70,6 @@
objectClass: nstask
objectClass: nsAdminObject
nsClassname: com.netscape.admin.dirserv.task.Restore@%ds_console_jar%@%as_sie%
-nsExecRef: ds_bak2db
cn: Restore
dn: cn=KeyCert, cn=operation, cn=Tasks, %ds_sie%
@@ -102,20 +100,6 @@
nsClassname: com.netscape.admin.dirserv.task.CompleteExport@%ds_console_jar%@%as_sie%
cn: CompleteExport
-dn: cn=Export, cn=operation, cn=Tasks, %ds_sie%
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: ds_db2ldif
-cn: Export
-
-dn: cn=Import, cn=operation, cn=Tasks, %ds_sie%
-objectClass: top
-objectClass: nstask
-objectClass: nsAdminObject
-nsExecRef: ds_ldif2db
-cn: Import
-
dn: cn=ViewLog, cn=operation, cn=Tasks, %ds_sie%
objectClass: top
objectClass: nstask
@@ -141,14 +125,12 @@
objectClass: top
objectClass: nstask
objectClass: nsAdminObject
-nsExecRef: ds_vlvindex
cn: CreateVLVIndex
dn: cn=AddIndex, cn=operation, cn=Tasks, %ds_sie%
objectClass: top
objectClass: nstask
objectClass: nsAdminObject
-nsExecRef: ds_addindex
cn: AddIndex
dn: cn=SNMPCtrl, cn=operation, cn=Tasks, %ds_sie%
- Previous message (by thread): [Fedora-directory-commits] adminserver Makefile.am, 1.34, 1.35 aclocal.m4, 1.33, 1.34 configure, 1.37, 1.38 missing, 1.23, 1.24 install-sh, 1.23, 1.24 Makefile.in, 1.40, 1.41 depcomp, 1.23, 1.24 config.sub, 1.23, 1.24 config.guess, 1.23, 1.24 compile, 1.22, 1.23
- Next message (by thread): [Fedora-directory-commits] adminserver/lib/libdsa dsalib_conf.c, 1.5, 1.6 dsalib_db.c, 1.4, 1.5 dsalib_util.c, 1.3, 1.4 dsalib_dn.c, 1.2, NONE dsalib_filename.c, 1.2, NONE dsalib_ldif.c, 1.3, NONE dsalib_pw.c, 1.2, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the Fedora-directory-commits
mailing list