Greg and all,
Thanks for changing the topic.
My main reason was touched on briefly in the handbook node. But I'll elaborate.
Users are people. Users can then get assigned to none, one or more roles. But what is weird/unique to user/1 is that it is essentially a role, not a person. It's a role with unique properties which no other user can be assigned. So what do you do when you want to rotate or share the privileges/responsibilities that user/1 possesses? Typically person->user is a one-one relationship. (more precisely it's e-mail -> user).
It's better for no person to be user/1 but rather that the privileges/log-in info should be available to the person or persons at any given time who need to have superadmin access (e.g. the person or persons in charge of software updates).
Normally there isn't a use case for a user changing user ids; there is a use case for people migrating in/out of having access to superadmin privileges.
To concretize it, here is a simple example. A guy starts a business, in his spare time; he's the only employee. He figures out Drupal and launches his site as user/1. The site turns out to be very successful and grows the business. The founder has created a large volume of content for the site as user/1. But now the guy has employees. His site has also grown in complexity and someone else is administering it. He's in the awkward situation of having to give his employee who administers the site access to his user account in order for the employee to administer the site. And it's not a trivial matter to migrate all his content to another user.
Shai
On 12/9/07, Greg Knaddison greg@pingvox.com wrote:
This is slightly off-topic from the original post so I'm changing the subject.
On Dec 9, 2007 6:30 PM, Shai Gluskin shai@content2zero.com wrote:
Here is the handbook page that describes why not using user/1 for day-to-day is a best practice:
I don't think the conclusion you've drawn is really reflected in the meat of the page. That's especially true if you use an account that is granted a role that has all permissions on a site - that account is just as vulnerable to most of the security problems listed on that page.
The only thing that the "user 2 with all privileges" setup gets you is a small amount of protection on security holes/actions in the update.php file. But if you have a "user 2 with all privileges" then that person probably has access to php input format and can do a lot of damage to your site (which is worth a reminder: if you don't need it then disable the php input format).
Regards, Greg
-- Greg Knaddison Denver, CO | http://knaddison.com World Spanish Tour | http://wanderlusting.org/user/greg