 |
 |
Testbed Support for GridPP member institutes > [mailto:[log in to unmask]] On Behalf Of Kostas Georgiou said: > I can't see any security problems (provided that the clean up > really works). [...] > I can't really see what the advantages are for this model, i > am sure there > is a reason behind the suggestion but at the moment i can't > imagine anything. One advantage is precisely that it makes the clean-up a lot easier. At the moment you can't clean an account after a job ends because there may be another job (or many others) running under the same account. With a new account for every job you can safely delete all processes and files owned by that uid when the job ends. It might also make security tracking better, at least for some things you could pin down exactly which job did something. Stephen