It would have to be a powerful user, like root (w00t!) or a user that has MySQL create database authority. PHP is simply creating a pipe to MySQL - through Apache - but it is the MySQL user credentials that would allow or prohibit this action. It's a nice-ity for local development, although not a show stopper in any sense. If the local user doesn't have authority, it would error out in a manner similar to how the install errors now. But, I could be way off base here.

Thanks for everyone's response. :-)

On Fri, Nov 14, 2008 at 11:19 AM, Laura Scott <pinglaura@gmail.com> wrote:
There are also security reasons. It's not good for Apache to have such powerful permissions. It raises the stakes on security. Ultimately the easiest installer is operated outside of the Apache user.

Laura

On Nov 13, 2008, at 11:29 PM, Fernando P. García wrote:

dmitry danilevsky wrote:

On Friday 14 November 2008 07:17:39 Amy Stephen wrote:

I apologize if this is not the appropriate place to ask this question but I
am curious after checking out your fine development work.

Why doesn't the Drupal Installation process try to create the database if
it doesn't exist already? WordPress is the same. Joomla! will use the
database if it exists - and create it, provided the ID has sufficient
permissions. It's just another "make things easier" step (for both the
"newbie" crowd, but also developers testing/working).

I was curious if there were security concerns? Or, if it just never seemed
to be someone's itch?

Again, if I am out of place with this question, please let me know, and
forgive my ignorance.

Kind regards,
Amy :)


If they already why don't we do?...
becouse many of the hostings do not allow creating db from php-scripts.

Consider there are lots of people working with a local copy, hostings are just an scenario but we can't  just *cut* others without a good reason.

Blessings!
<fernandoparedesgarcia.vcf>