Bug 38402 - openldap tries to open ldaprc file in current directory
Summary: openldap tries to open ldaprc file in current directory
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: openldap
Version: 7.1
Hardware: i386
OS: Linux
Target Milestone: ---
Assignee: Nalin Dahyabhai
QA Contact: Aaron Brown
Keywords: Security
Depends On:
TreeView+ depends on / blocked
Reported: 2001-04-30 16:19 UTC by Henning Schmiedehausen
Modified: 2017-10-05 11:53 UTC (History)
0 users

Clone Of:
Last Closed: 2001-04-30 16:29:31 UTC

Attachments (Terms of Use)
patch as above as file attachment (305 bytes, patch)
2001-04-30 16:21 UTC, Henning Schmiedehausen
no flags Details | Diff

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Bugzilla 1498841 None None None Never

Internal Trackers: 1498841

Description Henning Schmiedehausen 2001-04-30 16:19:43 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.2.19-1t i686)

The openldap libraries try to open a config file in the "current"
directory. This is especially annoying if you use LDAP to supply user and /
or autofs information which leads to (best case) annoying file system
accesses in the current directory when doing "ls" or (worst case) possible
security problems if someone puts an ldaprc file in the current directory
which does point to a different server or ldap directory.

Reproducible: Always
Steps to Reproduce:
1. use LDAP for e.g. User information
2. do "ls -la"
3. watch filesystem accesses (strace -etrace=open .... )

open("/etc/openldap/ldap.conf", O_RDONLY) = 3
open("/root/ldaprc", O_RDONLY)          = -1 ENOENT (No such file or
open("/root/.ldaprc", O_RDONLY)         = -1 ENOENT (No such file or
open("ldaprc", O_RDONLY)                = -1 ENOENT (No such file or

Please add the attached patch to the next RPM

--- openldap-2.0.7/libraries/libldap/init.c~    Wed Sep 13 02:42:34 2000
+++ openldap-2.0.7/libraries/libldap/init.c     Mon Apr 30 18:15:23 2001
@@ -278,9 +278,6 @@
        if(path != NULL) {
-       /* try file */
-       openldap_ldap_init_w_conf(file, 1);

Comment 1 Henning Schmiedehausen 2001-04-30 16:21:31 UTC
Created attachment 16846 [details]
patch as above as file attachment

Comment 2 Henning Schmiedehausen 2001-04-30 16:29:26 UTC
Opened the bug with openldap too, ( # 1131)

Comment 3 Nalin Dahyabhai 2001-07-03 20:15:11 UTC
The patch will be added to openldap-2.0.11-5.  Thanks!

Note You need to log in before you can comment on or make changes to this bug.