26 Jul
2018
26 Jul
'18
4:38 a.m.
I wrote:
(...) any particular value will be wrong for someone. Depends on how safe your filesystem setup is and whether it's easier to break in to get at the ldapi socket than it is to just attack slapd.
I forgot:
You could forge ldapi: credentials in early OpenLDAP versions, depending on whether the OS provided a safe way to pass user credentials or not. There's some hack in place now for OSes which don't, but I seem to remember I never felt all that trustful of it.
--
Hallvard