[Freeipa-devel] Visibility of the sensitive LDAP data
Dmitri Pal
dpal at redhat.com
Wed Jun 8 18:15:00 UTC 2011
Hi,
We have been through this some time before and the decision made then
still left me uneasy.
We said that LDAP is by nature something is a readable by an
authenticated used. Other than special password and key related
attributes everything else should be readable.
Now we have a bug https://bugzilla.redhat.com/show_bug.cgi?id=711693
It seems reasonable to hide the SUDO information from the normal user
and not make it widely available. I would argue that the HBAC should
fall into the same category.
I suspect there is a way to hide this information and if we implemented
everything correctly the UI and CLI should not fail and respecting the
effective rights will not present the UI or fail the CLI command.
So what should we do:
1) Leave as is and not bother at all (i.e. it is what it is)
2) Leave as is and defer the solution till later (do not fix it in 2.1
defer to 2.2)
3) Leave as is but document how to do it using permissions & ACIs
4) Provide default ACIs that would hide the records for the broad user
population
Looking for an opinion here.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IPA project,
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeipa-devel
mailing list