[389-users] security problems
Marco Strullato
marco.strullato at gmail.com
Tue Aug 11 09:19:03 UTC 2009
Hi all,
years ago I set up a ldap fedora directory server that is the used for pki
authentication by many servers. In that period I didn't care much about
security but now I would like to close security holes.
I see that the directory manager password is stored in ldap.conf and rebuild
sshd.conf (for pki)
I see also that if I restrict access (600) to these files the authentication
process does not end correctly because the uid and gid are not taken by
ldap. Probabily during the user logon these files must be readable.
By my point of view the solution could be to encrypt the directory manager
password or to create a read only user. What do you suggest me? and how to
implement?
Regards,
Marco Strullato
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20090811/544b3cf1/attachment.htm>
More information about the Fedora-directory-users
mailing list