[Discuss] can one safely login multiple times to the same user on a modern Linux desktop?

Rich Pieri richard.pieri at gmail.com
Fri Sep 7 19:52:28 EDT 2012


On Fri, 7 Sep 2012 18:03:01 -0500
Derek Martin <invalid at pizzashack.org> wrote:

> Sure, colleges typically do this not so much for authentication or
> authorization reasons, but for resource availabilty reasons.  You

You practically demanded an example where this kind of policy was
enforced. You got it.

MIT uses Kerberos for authentication across the entire gamut of
information services. Students use it for course registration.
Employees use it for time reporting. Anyone purchasing equipment or
supplies through MIT's vendor program uses it. That's just the tip of
the iceberg.

I have an even better example: Active Directory with roaming profiles.
Active Directory is MIT Kerberos + LDAP + DNS, the same authentication
system used by Athena. Add AD roaming profiles and you have an
environment that is practically identical to an Athena workstation. I'm
sure that we would all agree that this kind of environment is
ubiquitous in corporate America.

If you think that the horse has been flogged to mush then I'll leave
you with this rhetorical question: would you trust a Windows login
session to the screen lock?

-- 
Rich P.



More information about the Discuss mailing list