81b65a2d | 2019-02-21 06:03:05 | Timothy Pearson |
Correctly set permissions on LDAP configuration file to only allow owner / group, since this file contains a multi-master replication password in plain text |
||
M src/libtdeldap.cpp |
||
src/libtdeldap.cppdiff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp index 26ef2e1..0f293e9 100644 --- a/src/libtdeldap.cpp +++ b/src/libtdeldap.cpp @@ -3375,6 +3375,11 @@ delete systemconfig; + if (chmod(KDE_CONFDIR "/ldap/ldapconfigrc", S_IRUSR|S_IWUSR|S_IRGRP) < 0) { + if (errstr) *errstr = TQString("Unable to change permissions of \"%1\"").arg(KDE_CONFDIR "/ldap/ldapconfigrc"); + return -1; + } + return 0; } |