There's a lot to be said for denying all users the ability to log in to a critical application server (i.e. not giving them accounts), and then connecting the applications up to sockets and letting them do their own user authentication and access authorization. This is particularly true if you need to grant access to data in ways that don't map well to the access control mechanism supplied with the operating system. And if the authentication is strong (it can even be stronger than what the OS supports) then all of the arguments against using such a mechanism lose their strength; by virtue of passing a difficult test points accountability to the right users.
The drawback is that there's central user database. This is also a compelling feature to support data sharing across multiple critical applications.

--- Forwarded mail from [EMAIL PROTECTED]

YES, I understand that its security is not perfect. It's a lot better than not having any damned control at all. After all, I don't have hostile hackers roaming the halls and my network trying desperately to work around the security in CVS. Heck, if I have hostile hackers loose in my network, I have a *@#$load of more problems than whether they can read a particular source file.

Or is the philosophical opposition to such grafted-on mechanisms so great here that no one is ready to even consider any sort of feature in CVS that might dare whisper of the access control heresy?

--- End of forwarded message from [EMAIL PROTECTED]

_______________________________________________
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs
