> > LDAP > > services aren't really a distinct category. You might run > > several LDAP services on the same host whose data and access > > controls are completely different, and that's what you would
I though ACLs were not kerberos' concern. Kerberos only says that you are you, right? What you can or cannot do outside of kerberos is not its business, right?
