Thanks Antonio - and yes, I use adminrole.module on all of my sites too - another "brand" module in my view. Does anyone know if adminrole.module and masquerade.module are integrated? Or whether such integration is straightforward/desirable?
I'm thinking specifically of masquerade.module + (security patch) integrating with adminrole.module, to provide a one-click solution to the problem I originally described.
--Jim
--
My IM and Skype details are at http://state68.com/contact
2010/8/9 Antonio P. P. Almeida
<appa@perusio.net>
On 9 Ago 2010 19h00 WEST,
james.benstead@gmail.com wrote:
Thanks, Andrew - I think I'll implement the current version of
Masquerade for the moment (great module, btw - I use it on all of my
dev sites) and then work on integrating this functionality in a
patch when I've got more time - will allow me to learn more about
Drupal security, too. Masquerade is a "brand" module in my view so
there's really no need to fork it.
--Jim
http://drupal.org/project/adminrole, in slightly different vein. It
allows to concede other users some of the powers of UID 1. You can't
run update.php with it. But it allows you to exercise some degree of
latitude in allocating privileges on a Drupal site. Usually when you
enable a new module the users with role "administrator" inherit all
the privileges regarding that module permissions.
It's a different route. I don't think that sudo <everything> like
Ubuntu does is a good policy. You tend to loose the perspective on how
powerful the sudo facility is IMO.
HTH,
--- appa