There are many different things, generically, one would like to do with an account, often classifiable as read-only, write-but-reversible, write-but-logged, irreversible writes, and administrative actions such as changing the account password and logging settings. Ideally, one would like different authentication for each privilege. At the very least, changing the account password should be protected differently.
However, this may be unwieldy.
No comments :
Post a Comment