Bug 38402 - openldap tries to open ldaprc file in current directory
Summary: openldap tries to open ldaprc file in current directory
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: openldap
Version: 7.1
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nalin Dahyabhai
QA Contact: Aaron Brown
URL:
Whiteboard:
Keywords: Security
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2001-04-30 16:19 UTC by Henning Schmiedehausen
Modified: 2017-10-05 11:53 UTC (History)
0 users

(edit)
Clone Of:
(edit)
Last Closed: 2001-04-30 16:29:31 UTC


Attachments (Terms of Use)
patch as above as file attachment (305 bytes, patch)
2001-04-30 16:21 UTC, Henning Schmiedehausen
no flags Details | Diff


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Bugzilla 1498841 None None None Never

Internal Trackers: 1498841

Description Henning Schmiedehausen 2001-04-30 16:19:43 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.2.19-1t i686)


The openldap libraries try to open a config file in the "current"
directory. This is especially annoying if you use LDAP to supply user and /
or autofs information which leads to (best case) annoying file system
accesses in the current directory when doing "ls" or (worst case) possible
security problems if someone puts an ldaprc file in the current directory
which does point to a different server or ldap directory.

Reproducible: Always
Steps to Reproduce:
1. use LDAP for e.g. User information
2. do "ls -la"
3. watch filesystem accesses (strace -etrace=open .... )

[...]
open("/etc/openldap/ldap.conf", O_RDONLY) = 3
open("/root/ldaprc", O_RDONLY)          = -1 ENOENT (No such file or
directory)
open("/root/.ldaprc", O_RDONLY)         = -1 ENOENT (No such file or
directory)
open("ldaprc", O_RDONLY)                = -1 ENOENT (No such file or
directory)
[...]
	

Please add the attached patch to the next RPM

--- openldap-2.0.7/libraries/libldap/init.c~    Wed Sep 13 02:42:34 2000
+++ openldap-2.0.7/libraries/libldap/init.c     Mon Apr 30 18:15:23 2001
@@ -278,9 +278,6 @@
        if(path != NULL) {
                LDAP_FREE(path);
        }
-
-       /* try file */
-       openldap_ldap_init_w_conf(file, 1);
 }

Comment 1 Henning Schmiedehausen 2001-04-30 16:21:31 UTC
Created attachment 16846 [details]
patch as above as file attachment

Comment 2 Henning Schmiedehausen 2001-04-30 16:29:26 UTC
Opened the bug with openldap too, ( # 1131)

Comment 3 Nalin Dahyabhai 2001-07-03 20:15:11 UTC
The patch will be added to openldap-2.0.11-5.  Thanks!


Note You need to log in before you can comment on or make changes to this bug.