File permissions for default nds.conf file should be changed.

  • 3449366
  • 25-Mar-2008
  • 10-Jun-2013

Environment

Novell eDirectory 8.8.2
Novell eDirectory 8.8 for Solaris
Novell eDirectory 8.8 for Linux
Novell eDirectory 8.8 for HP-UX
Novell eDirectory 8.8 for AIX
Novell eDirectory 8.7.3.9 for Solaris
Novell eDirectory 8.7.3.9 for Linux
Novell eDirectory 8.7.3.9 for AIX
Novell eDirectory 8.7.3.9 for HP-UX

Situation

The default permissions for the nds.conf file for all eDirectory versions before and including eDirectory 8.8.2 (as of 2008-03-25) have the permissions for the nds.conf file set to allow all users to view the file.  This is not normally a problem but can be in a small number of situations.

Resolution

To make this as secure as possible the permissions should be changed so that only the owner of the eDirectory instance has rights to read/write to the file.  An example command follows (fill in your own correct path):

chmod 600 /path/to/nds.conf

 

This has been fixed in eDir 8.8SP3