File: apbs04.html

package info (click to toggle)
ldap-account-manager 3.7-2
  • links: PTS
  • area: main
  • in suites: wheezy
  • size: 34,660 kB
  • sloc: php: 49,813; perl: 305; makefile: 169; sh: 156; pascal: 132; xml: 111
file content (6 lines) | stat: -rw-r--r-- 2,224 bytes parent folder | download 
1
2
3
4
5
6
 
<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chrooted servers</title><link rel="stylesheet" type="text/css" href="style.css"><meta name="generator" content="DocBook XSL Stylesheets V1.76.1"><link rel="home" href="index.html" title="LDAP Account Manager - Manual"><link rel="up" href="apb.html" title="AppendixB.Security"><link rel="prev" href="apbs03.html" title="LDAP with SSL and TLS"><link rel="next" href="apbs05.html" title="Protection of your LDAP password and directory contents"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chrooted servers</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="apbs03.html">Prev</a></td><th width="60%" align="center">AppendixB.Security</th><td width="20%" align="right"><a accesskey="n" href="apbs05.html">Next</a></td></tr></table><hr></div><div class="section" title="Chrooted servers"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="idp6138112"></a>Chrooted servers</h2></div></div></div><p>If your server is chrooted and you have no access to /dev/random
      or /dev/urandom this can be a security risk. LAM stores your LDAP
      password encrypted in the session. LAM uses rand() to generate the key
      if /dev/random and /dev/urandom are not accessible. Therefore the key
      can be easily guessed. An attaker needs read access to the session file
      (e.g. by another Apache instance) to exploit this.</p></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="apbs03.html">Prev</a></td><td width="20%" align="center"><a accesskey="u" href="apb.html">Up</a></td><td width="40%" align="right"><a accesskey="n" href="apbs05.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">LDAP with SSL and TLS</td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top">Protection of your LDAP password and directory contents</td></tr></table></div></body></html>