2005-12-07 23:38:01 +00:00
|
|
|
1) What happened to the webadmin directory?
|
|
|
|
|
|
2005-12-22 20:35:09 +00:00
|
|
|
2005-12-22 bklang
|
|
|
|
|
** See security note at the end of this section regarding the old webadmin **
|
|
|
|
|
|
2005-12-07 23:38:01 +00:00
|
|
|
I have deprecated that code in favor of another project I am working on. It
|
|
|
|
|
is called Beatnik and is a Horde framework module. The status of the webadmin
|
|
|
|
|
code was unclear and I was not willing to support it so I deprecated it. I
|
|
|
|
|
left it as part of the tarball release and in version control in case others
|
|
|
|
|
out there felt differently and/or it ever needed to be modified or even revived.
|
|
|
|
|
|
|
|
|
|
As far as I'm concerned you are welcome to use it but consequently are on your
|
|
|
|
|
own. You might also contact the author, Jacob Rief (jacob.rief@tiscover.com)
|
|
|
|
|
for more information but he is no longer interested in maintaing this work
|
|
|
|
|
so do not depend on him.
|
|
|
|
|
|
2005-12-22 20:35:09 +00:00
|
|
|
During a routine code audit on the ldap2dns sources a number of potential LDAP
|
|
|
|
|
injection vulnerabilities were discovered. Since this code is deprecated no
|
|
|
|
|
attempt to correct these flaws has been made.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
IF YOU CHOOSE TO RUN THE DEPRECATED WEBADMIN SOFTWARE: Please take all
|
|
|
|
|
necessary steps to secure your environment. The author of this package takes no
|
|
|
|
|
responsibility for any problems related to the flawed webadmin code.
|
|
|
|
|
|
|
|
|
|
Thanks to Erik Cabetas for bringing these issues to my attention.
|
|
|
|
|
|
2005-12-07 23:45:26 +00:00
|
|
|
2) Why have you deprecated all that code?
|
|
|
|
|
|
|
|
|
|
2005-12-07 bklang
|
|
|
|
|
This is partially answered above, but to fully answer the question it's not
|
|
|
|
|
any comment or criticism of the original author. Really it is just code that
|
|
|
|
|
appears to me to be somewhat extraneous to what I consider to be the core
|
|
|
|
|
functionality of ldap2dns. That combined with my desire to focus on the core
|
|
|
|
|
functionality and not maintain this other work leads me to note the status of
|
|
|
|
|
that code to others who may use this package. The code may or may not work;
|
|
|
|
|
you are entirely on your own. If demand is sufficient some parts may come back
|
|
|
|
|
into the main tarball. However for now I leave it there in case anyone out
|
|
|
|
|
there wants it. It is unmaintained (at least by me) and should not be
|
|
|
|
|
considered stable or even working unless you audit it yourself.
|
|
|
|
|
You have been warned. Caveat emptor.
|
|
|
|
|
|
2005-12-07 23:38:01 +00:00
|
|
|
|
2005-12-08 20:36:26 +00:00
|
|
|
# $Id$
|
2005-12-08 20:35:34 +00:00
|
|
|
|
2005-12-07 23:38:01 +00:00
|
|
|
-- Old FAQ entry below (meaning is unclear to me -- 2005/12/07 bklang --
|
|
|
|
|
|
2005-12-02 04:26:14 +00:00
|
|
|
From: Steven Dossett <sdossett@panath.com>
|
|
|
|
|
Right after I mailed you, I patched the schema :)
|
|
|
|
|
I moved from IA5 Strings to Numeric Strings in that section of the schema:
|
|
|
|
|
|
|
|
|
|
attributetype ( 1.3.6.1.4.1.7222.1.4.12
|
|
|
|
|
NAME 'dnsipaddr'
|
|
|
|
|
EQUALITY numericStringMatch
|
|
|
|
|
SUBSTR numericStringSubstringsMatch
|
|
|
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )
|
|
|
|
|
|
|
|
|
|
attributetype ( 1.3.6.1.4.1.7222.1.4.13
|
|
|
|
|
NAME 'dnscipaddr'
|
|
|
|
|
EQUALITY numericStringMatch
|
|
|
|
|
SUBSTR numericStringSubstringsMatch
|
|
|
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )
|
|
|
|
|
|
|
|
|
|
Thanks for the quick reply. Take care.
|
|
|
|
|
|
|
|
|
|
|
