Re: Please review text for security warning

[Ryan Tandy <ryan@nardis.ca>]

Hi,

Thanks for your earlier feedback, and I'm sorry it's taken me so long to 
follow up on this.

On 14-10-04 04:26 PM, Justin B Rye wrote:
> That's an alarmingly fragile-looking procedure...

It is. I did spend some time on a scripted solution, but at this point 
it's extremely late to introduce a change that risks breaking slapd if I 
got it wrong; so back to the original plan.

Please find below the complete set of added or modified debconf 
templates that I intend to post for translation, in case you have any 
further suggestions.

Once again, my sincere apologies for having these unfinished changes so 
close to the freeze.

Template: slapd/backend
Type: select
Choices: BDB, HDB, MDB
Default: MDB
_Description: Database backend to use:
 HDB and BDB use similar storage formats, but HDB adds support for
 subtree renames. Both support the same configuration options.
 .
 The MDB backend is recommended. MDB uses a new storage format and
 requires less configuration than BDB or HDB.
 .
 In any case, you should review the resulting database configuration for
 your needs. See /usr/share/doc/slapd/README.Debian.gz for more details.

Template: slapd/unsafe_selfwrite_acl
Type: note
#flag:comment:3
# Translators: keep "by self write" and "to *" unchanged. These are
# part of the slapd configuration and are not translatable.
_Description: Access rules permit self-modification by users
 One or more of the configured databases has an access control rule
 that allows users to modify most of their own attributes. This may be
 unsafe, depending on how the database is used.
 .
 It is recommended to remove "by self write" from access rules
 beginning with "to *", so that users are only able to modify
 specifically allowed attributes.
 .
 See /usr/share/doc/slapd/README.Debian.gz for more details.