Re: [Exim] Exim 4.05 ldapauth lookup patch

Pàgina inicial
Delete this message
Reply to this message
Autor: Philip Hazel
Data:  
A: John Dalbec
CC: Exim Users Mailing List
Assumpte: Re: [Exim] Exim 4.05 ldapauth lookup patch
On Fri, 14 Jun 2002, John Dalbec wrote:

> I would like to suggest the following patch. Inspecting the code in
> ldap.c suggests that the obvious authenticator (with
> "server_condition=${lookup ldapauth...") creates an open relay since
> LDAP binds with an empty password are considered anonymous regardless of
> the username and will succeed in most configurations. Of course, this
> check can be done in the authenticator, but IMO this is an unnecessary
> configuration pitfall.


Thanks for the suggestion. I'll look at the patch in due course.

Philip

--
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.