summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTimothy Pearson <kb9vqf@pearsoncomputing.net>2019-02-21 00:03:05 -0600
committerSlávek Banko <slavek.banko@axis.cz>2019-02-21 09:04:36 +0100
commitfac096dec8bc6602b0af21b68be77506a5d7e04c (patch)
tree7cb4a79e73170aa3dd0bc1e9f91af56fda10cbe7
parent8e9965e8edb0d9f04372eaf7644b17d55897d09e (diff)
downloadlibtdeldap-fac096dec8bc6602b0af21b68be77506a5d7e04c.tar.gz
libtdeldap-fac096dec8bc6602b0af21b68be77506a5d7e04c.zip
Correctly set permissions on LDAP configuration file to only allow owner / group, since this file contains a multi-master replication password in plain text
(cherry picked from commit 81b65a2d55757651f28fe31e7d41e3bb11f3ad76)
-rw-r--r--src/libtdeldap.cpp5
1 files changed, 5 insertions, 0 deletions
diff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp
index c756baf..70b9c15 100644
--- a/src/libtdeldap.cpp
+++ b/src/libtdeldap.cpp
@@ -2860,6 +2860,11 @@ int LDAPManager::writeLDAPConfFile(LDAPRealmConfig realmcfg, LDAPMachineRole mac
delete systemconfig;
+ if (chmod(KDE_CONFDIR "/ldap/ldapconfigrc", S_IRUSR|S_IWUSR|S_IRGRP) < 0) {
+ if (errstr) *errstr = TQString("Unable to change permissions of \"%1\"").arg(KDE_CONFDIR "/ldap/ldapconfigrc");
+ return -1;
+ }
+
return 0;
}