fac096de | 2019-02-21 08:04:36 | Timothy Pearson |
Correctly set permissions on LDAP configuration file to only allow owner / group, since this file contains a multi-master replication password in plain text (cherry picked from commit 81b65a2d55757651f28fe31e7d41e3bb11f3ad76) |
||
M src/libtdeldap.cpp |
||
src/libtdeldap.cppdiff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp index c756baf..70b9c15 100644 --- a/src/libtdeldap.cpp +++ b/src/libtdeldap.cpp @@ -2860,6 +2860,11 @@ delete systemconfig; + if (chmod(KDE_CONFDIR "/ldap/ldapconfigrc", S_IRUSR|S_IWUSR|S_IRGRP) < 0) { + if (errstr) *errstr = TQString("Unable to change permissions of \"%1\"").arg(KDE_CONFDIR "/ldap/ldapconfigrc"); + return -1; + } + return 0; } |