On Fri, 2009-10-30 at 16:25 -0400, Dmitri Pal wrote: > Simo Sorce wrote: > > On Fri, 2009-10-30 at 15:57 -0400, Rob Crittenden wrote: > > > >> The message is not configurable, it just says that something is > >> trying > >> to modify your user preferences. > >> > > > > And rightly so, this is a security warning. If it were modifiable a > > rogue server could change the message to ask: "do you like bacon ?" > > To which *everyone* would have to answer Yes :-) > > > > Simo. > > > > > Modifiable by the program no, I agree. But configurable centrally on per > server basis why not?
Dmitri, this is a message the *client* shows the user, and the job of the client is to prevent servers to play with it ... > I would say that it would be nice to be able to configure FF centrally to: > > * Automatically accept cert from IPA. > * Have a right configuration in the preferences for kerberos Certainly, but out of band, you can't do this from a Web Server you are connecting to. This is a job for puppet/cfengine/etc... > I think it all boils down to enhancements to FF. > Let me see what I can do about it. Nothing, you'd be asking to break a security feature of the browser ... Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel