Introducing a Security Access Control Engine Inside OpenLDAP
The Symas Blog Keeping our clients up to date on big fixes, helpful tips, and more. Security Access Control Engine - How & Why The OpenLDAP Accelerator is a Policy Decision Point that resides inside the slapd process. This presentation - “Introducing a...Understanding LMDB Database File Sizes and Memory Utilization
The Lightning Memory-mapped Database (LMDB) is designed around the virtual memory facilities found in modern operating systems, Multi-version Concurrency Control (MVCC), and Single-Level Store (SLS) concepts. This design is quite different than those of more traditional databases and, in operation, it can mimic behaviors that system administrators have been trained to recognize as signs of trouble. With LMDB, though, the behaviors are normal, but nonetheless this leads to the following questions:
ApacheDS & Fortress QUICKSTART
As engineers, we are often encouraged to use the right tool for the job. Maybe that is because we tend to grow too attached to the familiar. When we’ve got a hammer, everything looks like a nail.
Apache Fortress 1.0-RC42 Released
Announced just this week: Apache Fortress 1.0-RC42 released. What, is this some kind of joke? Why would a project go thru 42 iterations of release candidates just for a 1.0 designation? No joke here unless you find our efforts to create a simple, useful and robust access management solution funny. Before that 1.0 label gets used, we’re going to make sure it’s deserving.
OpenLDAP & Fortress QUICKSTART
Fortress and OpenLDAP go together like peanut butter and jelly. Either is good, but taken together, their flavors blend into something different, and perhaps better.
Why Bugs are Good
Goes against the grain of conventional wisdom. The nastier, the better. How can this be? Let me state the ways.
DROWN Vulnerability with Remediation
Network traffic encrypted using an RSA-based SSL certificate may be decrypted if enough SSLv2 handshake data can be collected. Exploitation of this vulnerability—referred to as DROWN in public reporting—may allow a remote attacker to obtain the private key of a server supporting SSLv2.
The Sad State of C Strings
Character strings are an essential component of any programming language, but C Strings were a bit unusual in not defining an explicit string type. The C standard specifies some standard library functions for operating on C strings, which gives them a de-facto type and standard methods, but the standard library functions were horrible when first invented in the 1970s, and nothing sane has replaced them yet. In honor of the Chinese Lunar New Year, and the 30th anniversary of this rant, I delve once more into these problems.