Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Check if LDAP Injection would be an issue in Glim #65

Closed
doncicuto opened this issue Sep 27, 2022 · 2 comments
Closed

Check if LDAP Injection would be an issue in Glim #65

doncicuto opened this issue Sep 27, 2022 · 2 comments
Assignees
@doncicuto
Labels
security Security
Milestone
0.4.0-alpha

Comments

@doncicuto
Copy link
Owner

As @westurner suggests in #60, I'll check if LDAP Injection would affect Glim as I use Gorm for SQL operations (which would protect against SQL Injection)

Useful reference:
@doncicuto doncicuto added the security Security label Sep 27, 2022
@doncicuto doncicuto self-assigned this Sep 27, 2022
doncicuto added a commit that referenced this issue Sep 28, 2022
@doncicuto
Merge pull request #67 from doncicuto/feat-61
254abbc 
feat: add json format for commands, closes #65
@doncicuto doncicuto reopened this Sep 28, 2022
@doncicuto
Copy link
Owner Author

Wrong PR (typo), keeping open

@doncicuto doncicuto added this to the 1.0.0-beta1 milestone Sep 28, 2022
@doncicuto doncicuto modified the milestones: 1.0.0-beta1, 0.4.0-alpha Oct 19, 2022
@doncicuto
Copy link
Owner Author

As long as Glim gets LDAP statements user inputs and converts them into SQL queries managed by Gorm, this security issue should not affect Glim when serving LDAP requests. Will re-open if Glim LDAP support changes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@doncicuto doncicuto

Labels
security Security
Projects
None yet
Milestone
0.4.0-alpha
Development

No branches or pull requests
1 participant
@doncicuto