Greg --
I don't recollect specific references right now, but best security
practices are never to reuse userids, but instead to disable access.
On a related topic, I heard somewhere that in the next few decades we
will run out of social security numbers in the US, and will have to
start reusing them. Could be very interesting.
-- Bhaskar
Greg Woodhouse wrote:
maybe it's a matter of terminology. You probably don't want to rely on
the Linux uid (or even a network ID) to identify people in your
provider index. Yes, I think reusing uids is a reasonable thing to do
(/etc/passwd, or a shadow password file, is not meant to be a
historical record), but you will need some other type of unique
identifier, too.
-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
_______________________________________________
Hardhats-members mailing list
Hardhats-members@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/hardhats-members
