[sudo-workers] LDAP issue

Newman, Edward (GTI) edward_newman at ml.com
Tue Jan 22 16:58:00 EST 2008

No. Just that the version build by default is looking for
'/etc/ldap.conf' (including quotes) and this appears to fail (can't find
conf file). If I remove quotes from pathnames.h (leaving double but not
single) then it works. Looks like a minor issue with configure script.


-----Original Message-----
From: Eric Haszlakiewicz [mailto:erh+sudo at nimenees.com] 
Sent: 22 January 2008 16:52
To: Newman, Edward (GTI)
Cc: sudo-workers at sudo.ws
Subject: Re: [sudo-workers] LDAP issue

On Tue, Jan 22, 2008 at 02:49:37PM -0500, Newman, Edward (GTI) wrote:
> Been trying out 1.7b1 and had issue with LDAP. Appears that
> /etc/ldap.conf is default to "'/etc/ldap.conf'" (note double quotes
> around single quotes). This causes ldap.conf to be not found. Please
> remove single quotes from pathnames.h. 

hmm... does that mean that it actually ends up trying to open
 from whatever directory you happen to run it from?  Does being able to
your own ldap config file lead to a security breach?  If so, has this
present long enough to warrant a security advisory?


This message w/attachments (message) may be privileged, confidential or proprietary, and if you are not an intended recipient, please notify the sender, do not use or share it and delete it. Unless specifically indicated, this message is not an offer to sell or a solicitation of any investment products or other financial product or service, an official confirmation of any transaction, or an official statement of Merrill Lynch. Subject to applicable law, Merrill Lynch may monitor, review and retain e-communications (EC) traveling through its networks/systems. The laws of the country of each sender/recipient may impact the handling of EC, and EC may be archived, supervised and produced in countries other than the country in which you are located. This message cannot be guaranteed to be secure or error-free. This message is subject to terms available at the following link: http://www.ml.com/e-communications_terms/. By messaging with Merrill Lynch you consent to the foregoing.

More information about the sudo-workers mailing list