Brian Empson wrote: The source code is there, build it however you like. One of the reasons open source software exists is to free you from whatever limitations are imposed by a binary provider. If you tie yourself to precompiled packages that don't do exactly what you want, you're somewhat missing the point. ACIs are a security liability from a centralized administration perspective. They are intrinsically difficult to audit and difficult to track. Use of ACIs can make it impossible to prove that a given deployment correctly implements a formally defined security policy. IME, people who are fond of ACIs either don't understand the security risks, or don't care. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/