Hi all,
I just wanted to know if it is possible not to store the LDAP admin password into the servers/ldap.conf file, and have the password asked only when it is needed.
Today this is not possible because there are some functions which update the LDAP server in the background (e.g. if export-import.lib is used with automatic LDAP update).
Anycase, after the installation of OpenCA, that file is world-readable. Maybe you want to restrict access, as it contains a pwd ?
This is a security bug. I fixed it in openca_0_9_1 and CVS head. So it's time to publish 0.9.1.3.
Michael -- ------------------------------------------------------------------- Michael Bell Email: [EMAIL PROTECTED] ZE Computer- und Medienservice Tel.: +49 (0)30-2093 2482 (Computing Centre) Fax: +49 (0)30-2093 2704 Humboldt-University of Berlin Unter den Linden 6 10099 Berlin Email (private): [EMAIL PROTECTED] Germany http://www.openca.org
------------------------------------------------------- This SF.net email is sponsored by Dice.com. Did you know that Dice has over 25,000 tech jobs available today? From careers in IT to Engineering to Tech Sales, Dice has tech jobs from the best hiring companies. http://www.dice.com/index.epl?rel_code=104 _______________________________________________ OpenCA-Devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-devel
