Bug 38402 - openldap tries to open ldaprc file in current directory
openldap tries to open ldaprc file in current directory
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: openldap (Show other bugs)
7.1
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
Aaron Brown
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-04-30 12:19 EDT by Henning Schmiedehausen
Modified: 2007-04-18 12:32 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-04-30 12:29:31 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
patch as above as file attachment (305 bytes, patch)
2001-04-30 12:21 EDT, Henning Schmiedehausen
no flags Details | Diff

  None (edit)
Description Henning Schmiedehausen 2001-04-30 12:19:43 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.2.19-1t i686)


The openldap libraries try to open a config file in the "current"
directory. This is especially annoying if you use LDAP to supply user and /
or autofs information which leads to (best case) annoying file system
accesses in the current directory when doing "ls" or (worst case) possible
security problems if someone puts an ldaprc file in the current directory
which does point to a different server or ldap directory.

Reproducible: Always
Steps to Reproduce:
1. use LDAP for e.g. User information
2. do "ls -la"
3. watch filesystem accesses (strace -etrace=open .... )

[...]
open("/etc/openldap/ldap.conf", O_RDONLY) = 3
open("/root/ldaprc", O_RDONLY)          = -1 ENOENT (No such file or
directory)
open("/root/.ldaprc", O_RDONLY)         = -1 ENOENT (No such file or
directory)
open("ldaprc", O_RDONLY)                = -1 ENOENT (No such file or
directory)
[...]
	

Please add the attached patch to the next RPM

--- openldap-2.0.7/libraries/libldap/init.c~    Wed Sep 13 02:42:34 2000
+++ openldap-2.0.7/libraries/libldap/init.c     Mon Apr 30 18:15:23 2001
@@ -278,9 +278,6 @@
        if(path != NULL) {
                LDAP_FREE(path);
        }
-
-       /* try file */
-       openldap_ldap_init_w_conf(file, 1);
 }
Comment 1 Henning Schmiedehausen 2001-04-30 12:21:31 EDT
Created attachment 16846 [details]
patch as above as file attachment
Comment 2 Henning Schmiedehausen 2001-04-30 12:29:26 EDT
Opened the bug with openldap too, ( # 1131)
Comment 3 Nalin Dahyabhai 2001-07-03 16:15:11 EDT
The patch will be added to openldap-2.0.11-5.  Thanks!

Note You need to log in before you can comment on or make changes to this bug.