Michael Ströder <[email protected]> wrote on 2014/09/25 15:25:03: > > Joakim Tjernlund wrote: > >> Joakim Tjernlund wrote: > >>> How is local root pw any different than domain pw? In your view remote > >>> root access is a big nono so sssd should also enforce no remote root
> > login in > >>> that case. > >> > >> Yes, remote root password is a big no-no. Because it would be effective > >> on all > >> systems at once circumventing most security mechanisms. > > > > You missed the point. You claim remote root is a nono yet you suggest to > > login remotely with local root pw. > > You're missing the point. Especially I did *not* suggest to login remotely > with local root pw. > > I'd recommend to establish proper operational procedures. > It's your job to develop those for your system environment. Yes, it is "my" job, not sssd's. Currently sssd dictate that no system ever should be allowed to login as root, no matter what. Jocke _______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-users
