On Feb 5, 2007, at 5:00 AM, Mike 'Mike' Jones wrote:
By the way, mapping all users to one account is a serious security flaw.
Mike, You are very correct. My understanding is that mapping all GIN users to a single account was a temporary approach to get GIN off the ground. It certainly wasn't intended to be a long-term solution, or to be used for more than proof-of-interoperability demos. Perhaps it is now time to come up with a more secure long term solution for GIN participants. Since there are only a few GIN users today, should we create individual accounts for all GIN users on all GIN participating grids? Or is there a better option that will scale better? Any suggestions on what that next, more secure, approach should be? Regards, JP ------------------------------------------------------------------------ ------ John-Paul Navarro (630) 252-1233 navarro@mcs.anl.gov http://www.mcs.anl.gov/ ~navarro TeraGrid Software Integration Univ of Chicago/Argonne Nat. Lab. GPG: 4EA9 C86B C0F0 113D 6306 98B7 3649 D6CB EFA8 4133