[SATLUG] RE: kerberos

Justizin justizin at siggraph.org
Mon Dec 4 07:04:12 CST 2006


>
> I don't understand this ... We've been using Oracle LDAP servers for
> years in my server farm, and the only developer I allow access to the
> thousands of passwords we have in the database is the project manager.
> Why would hundreds of application developers have read access to your
> password database?
>

The password database is poignantly designed purely for this purpose.
Otherwise, I'd gladly just store thousands of users in a BTree, inside
of ZODB.

Spoon is right that we should just be using a hash, but I am still
nervous about exposing the hash - that's why we have /etc/shadow.

-- 
Justizin, Independent Interactivity Architect
ACM SIGGRAPH SysMgr, Reporter
http://www.siggraph.org/

