On Tue, 2005-10-18 at 14:23 +0200, Oscar Koeroo wrote:
> Hi Maarten:
> From a security point of view I can understand this very strict use of
> giving each job its own poolaccount.
I for one can't think a anything at all that would increase security by
having one account / job. Examples please?
On the contrary having one account / job increases complexity and hence
increases the risk for security problems.
And (as we all know already) recycling accounts must not be done without
having verified VERY STRICTLY that ALL files and traces of the previous
use of the account have been eliminated and in my opinion shouldn't be
done with less then at least a few days turnaround time to ease "after
the fact" traceability. Then start adding up all the jobs that pass
through a large site on lets say 3-4 days...
|