Thanks.  I'm not really worried about this particular vulnerability, just
wondering about the more general idea that having db user name = os user
could reduce your security, even if only slightly.  Is it just as
conceivable that a vulnerability could come along that was more exploitable
only if the two names were _different_?

To put it another way, keeping the two sets of names distinct is
incrementally more complex to manage.  Which might be worth it if there
really is any gain.  Is this a "best practice," or is it really a
manifestation of its closely-related cousin, the "silly practice?" :)

Cheers,
Ken


-- 
AGENCY Software
A Free Software data system
By and for non-profits
http://agency-software.org/
https://agency-software.org/demo/client
ken.tan...@agency-software.org
(253) 245-3801

Subscribe to the mailing list
<agency-general-requ...@lists.sourceforge.net?body=subscribe> to
learn more about AGENCY or
follow the discussion.
