Application Security - Novell LINUX ENTERPRISE 11 - SUBSCRIPTION MANAGEMENT TOOL GUIDE 10-02-2009 Manual

--user cn=EastBostonUser,cn=east,ou=boston,o=mycorp,c=us
The default LDAP user can now be replaced by this user, especially for the
posInitBranchserver command.
...
Enter the DN of the LDAP user for administration tasks [default:
cn=admin,o=mycorp,c=us]
cn=EastBostonUser,cn=east,ou=boston,o=mycorp,c=us
TIP: For More Information
For more details on the syntax of the slapd.conf configuration file and the
ACLs, refer to the manual pages of slapd.conf(5), slapd.access(5),
and slapacl(8). The slapacl command allows you to verify that your ACLs
work as planned.

8.4 Application Security

Any piece of software used in your setup probably contains some inherent security
vulnerabilities which slip by mostly unnoticed as the respective functions may not be
used in every day life. To protect your setup from these vulnerabilities, SUSE Linux
Enterprise Server and SUSE Linux Enterprise Point of Service come with the AppArmor
protection framework. AppArmor provides so-called profiles for some of the most im-
portant applications that specify which files these programs are allowed to read, write
and execute. Using these profiles, you make sure that a program does what it is supposed
to do.
Use AppArmor to protect each of your servers. If you need additional profiles, use the
YaST AppArmor tools to generate new profiles. To learn more about AppArmor refer
to the AppArmor documentation included in the Security Guide that is available from
http://www.novell.com/documentation/sles11/.
Securing Your Setup 115