has nothing to do with /etc/passwd, ldap, nis, mysql, or anything. all they need is a hole that allows them to execute something.
--On Wednesday, March 24, 2004 17:48 +0000 mimo <[EMAIL PROTECTED]> wrote:
Maybe I'm off topic. WHere do you keep your user accounts at the moment? are they all local users? Most exploits and vulnerabilities are local -- they only apply to your machine if you have (other) local users. So it's more secure to have "virtual" users via nsswitch / pam /etc and some db (ldap, mysql preferably). There are more reasons - but this is the most compelling one I think.
Michael Moritz
Rod Rodolico wrote:
ok, this is a basic question. I am a small IPP (60 domains, 200 users) and I see a lot of stuff about ldap. I searched the web and got some basic info on what it does, but the big question is, how would it be helpful to me? I also run MySQL services, but mainly the server does smtp, imap, pop, http and dns (exim, courier, apache and bind). One box, 200 users, is there any reason I should consider dns?
BTW, I also maintain three other web servers for people and use them all as backup servers (using rsync) for each other, but I guess that is not part of the issue here.
Thanks,
Rod
-- Please note that this account is being filtered using anti UCE systems. If you send email to this account make sure that it could not be mistaken as UCE.
-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
--
Michael Loftis
Modwest Sr. Systems Administrator
Powerful, Affordable Web Hosting
GPG/PGP --> 0xE736BD7E 5144 6A2D 977A 6651 DFBE 1462 E351 88B9 E736 BD7E
