Comment 61 for bug 423252
Revision history for this message
| Howard Chu (hyc) wrote Re: NSS using LDAP on Karmic breaks 'su' and 'sudo' | #61 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
Right, given the timing for the Lucid release it's probably way too late. I can't comment on your experience with nslcd as I have never used its code or read it in depth. The stub library and nssov have been pretty well tested internally in Symas; since the stub library is almost entirely cookie-cutter code it's known to be bug-free. At the risk of sounding like a commercial, I should note that Symas is offering standalone packages for free evaluation (our SUUMv4 product, based on nssov). A number of our customers have migrated successfully, it's an easy transition.
In the meantime, for this bug, it looks like gcrypt uses its internal secure malloc function if the app didn't set any overrides. I'm not sure that making libldap override the secure malloc is a good idea, since some apps may still want that secure malloc behavior. And any app that explicitly uses gnutls or libgcrypt may get its preference silently overridden by libldap, or vice versa.
Again, the only safe way to address this bug is by taking libldap/nss_ldap out of the application's address space.