[sudo-workers] LDAP issue

Eric Haszlakiewicz erh+sudo at nimenees.com
Tue Jan 22 16:52:25 EST 2008

On Tue, Jan 22, 2008 at 02:49:37PM -0500, Newman, Edward (GTI) wrote:
> Been trying out 1.7b1 and had issue with LDAP. Appears that
> /etc/ldap.conf is default to "'/etc/ldap.conf'" (note double quotes
> around single quotes). This causes ldap.conf to be not found. Please
> remove single quotes from pathnames.h. 

hmm... does that mean that it actually ends up trying to open ./'/ldap.conf' 
 from whatever directory you happen to run it from?  Does being able to specify
your own ldap config file lead to a security breach?  If so, has this been
present long enough to warrant a security advisory?


More information about the sudo-workers mailing list