Hi Stephen,
Yes, it would indeed. This is a strong arguement in its favour.
All the best,
david
On Tue, 18 Oct 2005, Burke, S (Stephen) wrote:
> Testbed Support for GridPP member institutes
> > [mailto:[log in to unmask]] On Behalf Of Kostas Georgiou said:
> > I can't see any security problems (provided that the clean up
> > really works).
>
> [...]
>
> > I can't really see what the advantages are for this model, i
> > am sure there
> > is a reason behind the suggestion but at the moment i can't
> > imagine anything.
>
> One advantage is precisely that it makes the clean-up a lot easier. At
> the moment you can't clean an account after a job ends because there may
> be another job (or many others) running under the same account. With a
> new account for every job you can safely delete all processes and files
> owned by that uid when the job ends.
>
> It might also make security tracking better, at least for some things
> you could pin down exactly which job did something.
>
> Stephen
>
>
|