LDAP sets the permission bits for 'other' users to rw- on these two files at startup which exposes us to trojan horse and backdoor attacks according to zSecure. Can LDAP be changed to set the permission bits for these files to 755 (or other combination that prevents WRITE permission for 'other ' users.
Release : 16.0
Component : LDAP Server
If you don't need those files for anything, you can remove them from slapd.conf. Then they won't even be created
Just comment out with a # or remove:
pidfile ./slapd.pidargsfile ./slapd.args
That should have been on 2 lines.
pidfile ./slapd.pid
argsfile ./slapd.args
These are from the sample slapd.conf files, should remove them as well.