Hi,
I am currently working with a collection schools that want to run Moodle (a LAMP project that has a Mac OS version) and these schools have XServes that are used to control Mac policies and builds but pretty much nothing else.
I am getting two contradicting feedbacks over the idea of running Moodle on the XServes: On one hand the TA’s are saying that it is too much of a vulnerability and (even though it will be trusted staff members) it would have too higher possibility of affected service. This could simply be down to them not fully understanding the subject matter and so saying no.
On the other hand, the Mac bods say that all will be rosy and isolated and nothing could go wrong and if we needed to turn it off we just untick a box. Although this could be simply down to them being fanboys and wanting an excuse to fiddle more.
Can I have some input on this (ideally with some authoritative references as whichever way I turn I will be strongly challenged). The main points as I see it are;
I am sure there are other important points that can be pointed out.
Thanks in advance,
Norman
I am currently working with a collection schools that want to run Moodle (a LAMP project that has a Mac OS version) and these schools have XServes that are used to control Mac policies and builds but pretty much nothing else.
I am getting two contradicting feedbacks over the idea of running Moodle on the XServes: On one hand the TA’s are saying that it is too much of a vulnerability and (even though it will be trusted staff members) it would have too higher possibility of affected service. This could simply be down to them not fully understanding the subject matter and so saying no.
On the other hand, the Mac bods say that all will be rosy and isolated and nothing could go wrong and if we needed to turn it off we just untick a box. Although this could be simply down to them being fanboys and wanting an excuse to fiddle more.
Can I have some input on this (ideally with some authoritative references as whichever way I turn I will be strongly challenged). The main points as I see it are;
- Can malicious code (whether PHP, Apache config, MySQL queries etc.) be run on the server that could affect the running of the server (other than the web server and sql)?
- Would the admin user for the site require admin access to the server?
- If Moodle was used very heavily could it affect the other functions on the server?
- Could access be limited to only the required services?
I am sure there are other important points that can be pointed out.
Thanks in advance,
Norman
