On 02/15/2013 11:50 AM, John Dennis wrote:


O.K. but I want to make sure you understand the difference. If you give login
or other permissions to a network facing system daemon you're opening a huge
security hole. Adding the apache user to the set of users managed by IPA is
quite dangerous unless you are extraordinarily careful to remove privileges
normally granted by IPA, it could lead to the complete compromise of your
network.


Understood. This is actually all before we have moved to IPA, but are exploring things.

--
Orion Poplawski
Technical Manager                     303-415-9701 x222
NWRA, Boulder Office                  FAX: 303-415-9702
3380 Mitchell Lane                       or...@nwra.com
Boulder, CO 80301                   http://www.nwra.com

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to