directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Zoerner <ste...@labeo.de>
Subject Re: [jira] Created: (DIRSERVER-1383) There is a confusion between Anonymous access and Access to rootDSE
Date Tue, 21 Jul 2009 06:26:28 GMT
Quanah Gibson-Mount wrote:
> --On Monday, July 20, 2009 9:50 PM -0400 Alex Karasulu 
> <akarasulu@gmail.com> wrote:
> 
>> Ahhh okie you're right on.  My bad.
> 
> This is quite correct.  There are even some (stupid) security programs 
> that will say being able to read the rootDSE is a vulnerability.  OTOH, 
> I've always left it read to the world, most clients prefer it. :P
> 

There are also tests within the Open Group LDAP certification suite 
which check whether the Root DSE is readable anonymously. But it is OK, 
if we are able to configure a server to behave like that for a test run. 
No need to make that the default.

Greetings from Hamburg,
     Stefan



Mime
View raw message