1) Do not allow non admin types to change the email address. Not even
   users can change this since our authorization mechanism is strongly
   dependent on the email address. I do not expect this to be a
   problem; changing your email address should be a very rare event,
   so admin people can do it for users. Maybe not necessary, but I
   need to think about it some more.

2) Send email when user information is updated. Message is sent to the
   user and CC'ed to the testbed audit list. DO NOT CHANGE USER
   INFORMATION USING MYSQL! ALWAYS USE THE WEB INTERFACE!