
Security

Access to the GIIS and GRIS is via the LDAPv2 protocol. The communication is unencrypted and anonymous, but read-only. Although there are no known exploits for the GIIS/GRIS LDAP service, it is hard to guarantee that malicious requests will not result in a breach of security. This is largely due to the LDAP server's use of the shell back end: malicious queries might get propagated to a shell script. No security tests have been performed.
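
One way a shell back-end script could guard against the risk described above, as an added example that is not from the original document or from the Globus code. It assumes the request arrives on stdin as `key: value` lines in the style of OpenLDAP's slapd-shell(5); the function names and the character allowlists are hypothetical choices.

```shell
#!/bin/sh
# Added example: vet a shell back-end SEARCH request before any field is used.
# Assumption: the request is "key: value" lines on stdin, ended by a blank
# line, as described in OpenLDAP's slapd-shell(5).

# allowed VALUE SET: succeed only if VALUE is non-empty and every character
# of it belongs to SET (a tr(1) character set; hypothetical helper).
allowed() {
    [ -n "$1" ] || return 1
    rest=$(printf '%s' "$1" | LC_ALL=C tr -d "$2")
    [ -z "$rest" ]
}

# Reads one request from stdin. Returns 2 for a non-search operation,
# 1 for a field outside the allowlist, 0 (and prints the vetted fields) if OK.
check_search_request() {
    base='' scope='' filter=''
    IFS= read -r op || return 2
    [ "$op" = "SEARCH" ] || return 2      # the service is read-only
    while IFS= read -r line; do
        [ -n "$line" ] || break           # blank line terminates the request
        key=${line%%: *}
        val=${line#*: }
        case $key in
            base)   base=$val ;;
            scope)  scope=$val ;;
            filter) filter=$val ;;
        esac
    done
    case $scope in 0|1|2) ;; *) return 1 ;; esac
    allowed "$base"   'A-Za-z0-9=,. -'       || return 1
    allowed "$filter" 'A-Za-z0-9()=*&|!._ -' || return 1
    # Values are only ever expanded inside double quotes, never via eval.
    printf 'base=%s scope=%s filter=%s\n' "$base" "$scope" "$filter"
}

# Constructed sample request (not taken from a real GIIS).
check_search_request <<'EOF'
SEARCH
msgid: 1
base: o=example
scope: 2
filter: (objectclass=*)

EOF
```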

In a future release, the shell back end will be replaced by a more conventional ldbm back end with soft referrals from the GIIS to the GRIS. This will bring the LDAP server in line with more conventional installs elsewhere. It will likely increase the security of the system.



David Groep
2001-01-25