On 5/12/14 8:49 PM, Vernon Hamberg wrote:
It is definitely proactive.
Not if there is nothing to PREVENT a rogue administrator from giving
himself or herself, or some "strawman" user, the authority in question.
Not "log it for the auditors if it happens," not even "alert the
auditors immediately if it happens"; PREVENT.
Without active prevention, it still sounds to me like "security
theatre." The same kind of "security theatre" that, in airline passenger
screening, made the World Trade Center Atrocities possible.