On 05 Jul 2010, at 07:51, Rudy Gevaert wrote:
However if you are running replica's and masters on the same server
(of different instances) you'll have your sync_password on the
server in plain text. And thus the possibility of getting it
abused (only on the replica).
However, if you want to be able to failback, and you'll need to add
your syncuser to the admins of the master server.
In the end, your are just easier and better of in using one user
for replication and admin.
However I like to possibility to have a different user for
replication.
It would maybe be nice to have some more privilege separation
between the replication and admin users. E.g. the replication user
don't have to be in the admin list. Wouldn't it?
Would more privilege separation actually improve the security model
in the cases above?
:wes
