An inexperimented admin (like me) could put in that file the password to bind to the ldap server. With 644, the password would then be readable by any user on the system. Suggestion: chmod 600 /etc/openldap/pureftpd-ldap.conf Should be done while file is in the image folder.
Created attachment 82831 [details, diff] fix permissions http://download.pureftpd.org/pub/pure-ftpd/doc/README.LDAP ------------------------ LDAP CONFIGURATION FILE ------------------------ Before running the server, you have to create a configuration file. Why a configuration file instead of simple command-line options? you may ask. Because for security reasons, you may want to hide how to connect to your LDAP server. And as command-line options can be discovered by local users (with 'ps auxwww' for instance), it's more secure to use a configuration file for sensitive data. Keep the file only readable by root (chmod 600) .
Fixed in 1.0.21-r1. Best regards, CHTEKK.