On 02/15/2013 11:50 AM, John Dennis wrote:

O.K. but I want to make sure you understand the difference. If you give login
or other permissions to a network facing system daemon you're opening a huge
security hole. Adding the apache user to the set of users managed by IPA is
quite dangerous unless you are extraordinarily careful to remove privileges
normally granted by IPA, it could lead to the complete compromise of your

Understood. This is actually all before we have moved to IPA, but are exploring things.

Orion Poplawski
Technical Manager                     303-415-9701 x222
NWRA, Boulder Office                  FAX: 303-415-9702
3380 Mitchell Lane                       or...@nwra.com
Boulder, CO 80301                   http://www.nwra.com

Freeipa-users mailing list

Reply via email to