> ......... We could be very cautious and have the architectrure >document prohibit such use, or we could have that document merely warn >users (system administrators) about the pitfalls of such use. > I think these should be mentioned in the document. It also brings up the issue of 'policy' of enforcing security. After all, it is a policy thing. /eric