On Thu, 08 Jan 2015 16:31:22 +0200, Marko Rauhamaa wrote: > alister <alister.nospam.w...@ntlworld.com>: > >> On Thu, 08 Jan 2015 16:06:16 +0200, Marko Rauhamaa wrote: >>> An administrator doesn't need the users' passwords for anything but >>> should be assumed to know them. >> >> The administrator may be able to change them but he should NEVER know >> them (or need to)! > > When you are under an administrator's dominion, *you* must assume the > they know your password. > > (Somewhat in the same vein, if you are running a virtual machine, *you* > must assume the owner of the host computer has root access to your > virtual machine. By extension, *you* must assume the government > officials of the physical jurisdiction of the host computer have root > access to your virtual machine.) > > > Marko I will agree with you there. The administrator 'should' never know your password but as a user you should never believe that password security has been correctly implemented (just ask Sony :-) )
-- "The subspace _W inherits the other 8 properties of _V. And there aren't even any property taxes." -- J. MacKay, Mathematics 134b -- https://mail.python.org/mailman/listinfo/python-list