On Mon, 2014-04-28 at 16:11 +0100, Andrew Holway wrote:
> > I realized that you probably want to disable anonymous access to LDAP. It
> > will prevent random strangers to enumerate all users in your database...
> 
> This sounds like a bug no? anonymous access to LDAP?

Historically many Linux and Unix OSs did not authenticate to LDAP to
download POSIX info, so we allow by default to access a lot of the tree
anonymously.
We are in the process of changing how the permissions work in 4.0, and
will contextually close down a lot more of the tree letting the admin
more easily configure access.

So, no it is not technically a bug, but it is something you want to look
out for as an admin.

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to