I'm curious as to why you have sensitive information in libnss-ldap.conf. The only thing that could possibly considered sensitive is the password to a ldap user. I have run Ubuntu systems without that since warty and I have not had a problem. We just bind anonymously. What would you be using that password for?
Also it makes sense that libnss-ldap.conf needs to be readable by everyone on the system because its a libc function and you need to give libc a way of getting its configuration information.
I'm curious as to why you have sensitive information in libnss-ldap.conf. The only thing that could possibly considered sensitive is the password to a ldap user. I have run Ubuntu systems without that since warty and I have not had a problem. We just bind anonymously. What would you be using that password for?
Also it makes sense that libnss-ldap.conf needs to be readable by everyone on the system because its a libc function and you need to give libc a way of getting its configuration information.