Mageia Bugzilla – Attachment 5503 Details for
Bug 14252
dokuwiki new security issue in LDAP auth plugin fixed upstream in 20140929
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
Log In
[x]
|
New Account
|
Forgot Password
LDAP entries and DokuWiki user supplied settings
file_14252.txt (text/plain), 4.18 KB, created by
William Murphy
on 2014-10-14 12:41:27 CEST
(
hide
)
Description:
LDAP entries and DokuWiki user supplied settings
Filename:
MIME Type:
Creator:
William Murphy
Created:
2014-10-14 12:41:27 CEST
Size:
4.18 KB
patch
obsolete
>################################################################# >ldapsearch output (user and passwords changed to protect the innocent): > >version: 1 > ># ># LDAPv3 ># base <dc=ldap,dc=privatedomain> with scope subtree ># filter: (objectclass=*) ># requesting: ALL ># > ># ldap.privatedomain >dn: dc=ldap,dc=privatedomain >dc: LDAP >o: LDAP Server >description: Root entry for my domain >objectClass: dcObject >objectClass: organization > ># Groups, ldap.privatedomain >dn: ou=Groups,dc=ldap,dc=privatedomain >ou: Groups >description: All local groups >objectClass: organizationalUnit > ># Admin, Groups, ldap.privatedomain >dn: cn=Admin,ou=Groups,dc=ldap,dc=privatedomain >cn: Admin >description: Administrators Group >objectClass: posixGroup >gidNumber: 1000 >memberUID: mrbig > ># Moderator, Groups, ldap.privatedomain >dn: cn=Moderator,ou=Groups,dc=ldap,dc=privatedomain >cn: Moderator >description: Administrators Group >objectClass: posixGroup >gidNumber: 1001 >memberUID:mod > ># User, Groups, ldap.privatedomain >dn: cn=User,ou=Groups,dc=ldap,dc=privatedomain >cn: User >description: Administrators Group >objectClass: posixGroup >gidNumber: 1002 >memberUID: bogo > ># People, ldap.privatedomain >dn: ou=People,dc=ldap,dc=privatedomain >ou: People >description: Group of one, me >objectClass: organizationalUnit > ># Manager, ldap.privatedomain >dn: cn=Manager,dc=ldap,dc=privatedomain >cn: Manager >objectClass: organizationalRole > ># mrbig, People, ldap.privatedomain >dn: uid=mrbig,ou=People,dc=ldap,dc=privatedomain >uid: mrbig >uidNumber: 1000 >gidNumber: 1000 >homeDirectory: /home/mrbig >givenName: Mr Big >sn: Owner >objectClass: inetOrgPerson >objectClass: posixAccount >userPassword:: e1NIQXL1NOTIrbGxZVmZ3ZnR3V1Sd0JaaU9slWM3cjA9 >mail: mrbig@bogusmail.com >cn: Mr Big >displayName: mrbig >preferredLanguage: en > ># mod, People, ldap.privatedomain >dn: uid=mod,ou=People,dc=ldap,dc=privatedomain >uid: Moderator >uidNumber: 1000 >gidNumber: 1001 >homeDirectory: /home/mrbig >givenName: Site Moderator >sn: Owner >objectClass: inetOrgPerson >objectClass: posixAccount >userPassword:: e1NIQXG9JTG9NK3NS1kVR0ZMZkovUlFXNb1NLjhnQTA9 >mail: mrbig@bogusmail.com >cn: Site Moderator >displayName: mod >preferredLanguage: en > ># bogo, People, ldap.privatedomain >dn: uid=bogo,ou=People,dc=ldap,dc=privatedomain >uid: Bogus >uidNumber: 1000 >gidNumber: 1002 >homeDirectory: /home/mrbig >givenName: Barely Human >sn: Owner >objectClass: inetOrgPerson >objectClass: posixAccount >userPassword:: e1NIQXNLR0ZMZko1kVlFG9NXNG9JTK3NSb1vUjhnQTA9 >mail: mrbig@bogusmail.com >cn: Bogus Human >displayName: bogo >preferredLanguage: en > ># root, People, ldap.privatedomain >dn: uid=root,ou=People,dc=ldap,dc=privatedomain >uid: WikiAdmin >uid: root >cn: Admin >givenName: root >displayName: WikiDude >sn: Dude >mail: root@localhot >preferredLanguage: en >objectClass: inetOrgPerson >userPassword:: e1NIQXNZMZk1kVlJTGFXNGLR099NK3NSb1ovUjhnQTA9 > ># search result > ># numResponses: 10 ># numEntries: 9 > >################################################################# >Dokuwiki user settings (/etc/dokuwiki/local.php): > ><?php >/* > * Dokuwiki's Main Configuration File - Local Settings > * Auto-generated by config plugin > * Run for user: mrbig > * Date: Tue, 14 Oct 2014 02:11:23 -0700 > */ > >$conf['title'] = 'Mr Big\'s DokuWiki'; >$conf['license'] = 'cc-by-sa'; >$conf['allowdebug'] = 1; >$conf['useacl'] = 1; >$conf['authtype'] = 'authldap'; >$conf['passcrypt'] = 'sha1'; >$conf['superuser'] = '@Admin'; >$conf['manager'] = '@Moderator'; >$conf['plugin']['authldap']['server'] = 'ldap://master.privatedomain:389'; >$conf['plugin']['authldap']['usertree'] = 'ou=People,dc=ldap,dc=privatedomain'; >$conf['plugin']['authldap']['grouptree'] = 'ou=Groups,dc=ldap,dc=privatedomain'; >$conf['plugin']['authldap']['userfilter'] = '(&(uid=%{user})(objectClass=posixAccount))'; >$conf['plugin']['authldap']['groupfilter'] = '(&(objectClass=posixGroup)(memberUID=%{user}))'; >$conf['plugin']['authldap']['version'] = 3; >$conf['plugin']['authldap']['starttls'] = 1; >$conf['plugin']['authldap']['binddn'] = 'cn=Manager, dc=ldap, dc=privatedomain'; >$conf['plugin']['authldap']['bindpw'] = 'boguspw'; >$conf['plugin']['authldap']['debug'] = 1; > >// end auto-generated content
################################################################# ldapsearch output (user and passwords changed to protect the innocent): version: 1 # # LDAPv3 # base <dc=ldap,dc=privatedomain> with scope subtree # filter: (objectclass=*) # requesting: ALL # # ldap.privatedomain dn: dc=ldap,dc=privatedomain dc: LDAP o: LDAP Server description: Root entry for my domain objectClass: dcObject objectClass: organization # Groups, ldap.privatedomain dn: ou=Groups,dc=ldap,dc=privatedomain ou: Groups description: All local groups objectClass: organizationalUnit # Admin, Groups, ldap.privatedomain dn: cn=Admin,ou=Groups,dc=ldap,dc=privatedomain cn: Admin description: Administrators Group objectClass: posixGroup gidNumber: 1000 memberUID: mrbig # Moderator, Groups, ldap.privatedomain dn: cn=Moderator,ou=Groups,dc=ldap,dc=privatedomain cn: Moderator description: Administrators Group objectClass: posixGroup gidNumber: 1001 memberUID:mod # User, Groups, ldap.privatedomain dn: cn=User,ou=Groups,dc=ldap,dc=privatedomain cn: User description: Administrators Group objectClass: posixGroup gidNumber: 1002 memberUID: bogo # People, ldap.privatedomain dn: ou=People,dc=ldap,dc=privatedomain ou: People description: Group of one, me objectClass: organizationalUnit # Manager, ldap.privatedomain dn: cn=Manager,dc=ldap,dc=privatedomain cn: Manager objectClass: organizationalRole # mrbig, People, ldap.privatedomain dn: uid=mrbig,ou=People,dc=ldap,dc=privatedomain uid: mrbig uidNumber: 1000 gidNumber: 1000 homeDirectory: /home/mrbig givenName: Mr Big sn: Owner objectClass: inetOrgPerson objectClass: posixAccount userPassword:: e1NIQXL1NOTIrbGxZVmZ3ZnR3V1Sd0JaaU9slWM3cjA9 mail: mrbig@bogusmail.com cn: Mr Big displayName: mrbig preferredLanguage: en # mod, People, ldap.privatedomain dn: uid=mod,ou=People,dc=ldap,dc=privatedomain uid: Moderator uidNumber: 1000 gidNumber: 1001 homeDirectory: /home/mrbig givenName: Site Moderator sn: Owner objectClass: inetOrgPerson objectClass: posixAccount userPassword:: e1NIQXG9JTG9NK3NS1kVR0ZMZkovUlFXNb1NLjhnQTA9 mail: mrbig@bogusmail.com cn: Site Moderator displayName: mod preferredLanguage: en # bogo, People, ldap.privatedomain dn: uid=bogo,ou=People,dc=ldap,dc=privatedomain uid: Bogus uidNumber: 1000 gidNumber: 1002 homeDirectory: /home/mrbig givenName: Barely Human sn: Owner objectClass: inetOrgPerson objectClass: posixAccount userPassword:: e1NIQXNLR0ZMZko1kVlFG9NXNG9JTK3NSb1vUjhnQTA9 mail: mrbig@bogusmail.com cn: Bogus Human displayName: bogo preferredLanguage: en # root, People, ldap.privatedomain dn: uid=root,ou=People,dc=ldap,dc=privatedomain uid: WikiAdmin uid: root cn: Admin givenName: root displayName: WikiDude sn: Dude mail: root@localhot preferredLanguage: en objectClass: inetOrgPerson userPassword:: e1NIQXNZMZk1kVlJTGFXNGLR099NK3NSb1ovUjhnQTA9 # search result # numResponses: 10 # numEntries: 9 ################################################################# Dokuwiki user settings (/etc/dokuwiki/local.php): <?php /* * Dokuwiki's Main Configuration File - Local Settings * Auto-generated by config plugin * Run for user: mrbig * Date: Tue, 14 Oct 2014 02:11:23 -0700 */ $conf['title'] = 'Mr Big\'s DokuWiki'; $conf['license'] = 'cc-by-sa'; $conf['allowdebug'] = 1; $conf['useacl'] = 1; $conf['authtype'] = 'authldap'; $conf['passcrypt'] = 'sha1'; $conf['superuser'] = '@Admin'; $conf['manager'] = '@Moderator'; $conf['plugin']['authldap']['server'] = 'ldap://master.privatedomain:389'; $conf['plugin']['authldap']['usertree'] = 'ou=People,dc=ldap,dc=privatedomain'; $conf['plugin']['authldap']['grouptree'] = 'ou=Groups,dc=ldap,dc=privatedomain'; $conf['plugin']['authldap']['userfilter'] = '(&(uid=%{user})(objectClass=posixAccount))'; $conf['plugin']['authldap']['groupfilter'] = '(&(objectClass=posixGroup)(memberUID=%{user}))'; $conf['plugin']['authldap']['version'] = 3; $conf['plugin']['authldap']['starttls'] = 1; $conf['plugin']['authldap']['binddn'] = 'cn=Manager, dc=ldap, dc=privatedomain'; $conf['plugin']['authldap']['bindpw'] = 'boguspw'; $conf['plugin']['authldap']['debug'] = 1; // end auto-generated content
View Attachment As Raw
Actions:
View
Attachments on
bug 14252
: 5503 |
5505
|
5535