Quoting Greg Knaddison greg@pingvox.com:
> This is slightly off-topic from the original post so I'm changing the subject.
> On Dec 9, 2007 6:30 PM, Shai Gluskin shai@content2zero.com wrote:
> > Here is the handbook page that describes why not using user/1 for day-to-day is a best practice:
> I don't think the conclusion you've drawn is really reflected in the meat of the page. That's especially true if you use an account that is granted a role that has all permissions on a site - that account is just as vulnerable to most of the security problems listed on that page.
Yes, which is why I asked the question, how is it different? The answer is of course that it isn't. And worse if you have a DBA that also has an account the DBA could easily change his role status.
> The only thing that the "user 2 with all privileges" setup gets you is a small amount of protection on security holes/actions in the update.php file. But if you have a "user 2 with all privileges" then that person probably has access to php input format and can do a lot of damage to your site (which is worth a reminder: if you don't need it then disable the php input format).
So my suggestion is to use user/1 for administration and use some other user for creating content. If you want to give privileges to another user, pick and choose what you want the user to do in the new role, don't just blindly give them full privileges.
Earnie -- http://for-my-kids.com/ -- http://give-me-an-offer.com/
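The point made in this thread, that a role holding every permission (or any permission that lets its holder reach every permission, such as editing roles, taking over accounts, or using the PHP input format) is no safer than user/1, can be checked mechanically. The script below is an added example, not code from the thread or from Drupal: it audits a constructed role/permission table and flags roles that are equivalent to user/1 outright or could become so. The permission names "administer permissions" and "administer users" are real Drupal permissions; "use php input format" is a placeholder standing in for whatever grants PHP-format access on a given release, and the sample roles are constructed.

```python
"""Audit Drupal-style roles for privilege equivalent to user/1.

Added example (not from the mailing-list thread or from Drupal).
Permission strings are illustrative; the PHP-format name is a placeholder.
"""
from dataclasses import dataclass, field

# Permissions that let a holder reach full control of the site, so a role
# carrying any of them is no safer than logging in as user/1.
ESCALATION_PERMISSIONS = {
    "administer permissions",  # can grant any permission to its own role
    "administer users",        # can reset user/1's password or edit any account
    "use php input format",    # PLACEHOLDER name: PHP-format access means code execution
}


@dataclass
class Role:
    name: str
    permissions: set = field(default_factory=set)


def full_privilege_roles(roles, all_permissions):
    """Roles granted every known permission: the 'user 2 with all privileges' setup."""
    return [r.name for r in roles if all_permissions <= r.permissions]


def escalation_capable_roles(roles):
    """Roles that hold at least one ESCALATION_PERMISSION, mapped to which ones."""
    return {
        r.name: sorted(r.permissions & ESCALATION_PERMISSIONS)
        for r in roles
        if r.permissions & ESCALATION_PERMISSIONS
    }


def least_privilege_role(name, tasks, task_permissions):
    """Build a role from the permissions the named tasks actually need,
    refusing any task that would pull in an escalation permission."""
    needed = set()
    for task in tasks:
        perms = task_permissions[task]
        if perms & ESCALATION_PERMISSIONS:
            raise ValueError(f"task {task!r} needs user/1-level permission; do it as user/1")
        needed |= perms
    return Role(name, needed)


def audit(roles, all_permissions):
    """Summarise which roles are, or could become, equivalent to user/1."""
    return {
        "full_privilege": full_privilege_roles(roles, all_permissions),
        "escalation_capable": escalation_capable_roles(roles),
    }


# Constructed sample site (not real data).
ALL_PERMISSIONS = {
    "access content", "create page content", "edit own page content",
    "administer nodes", "administer users", "administer permissions",
    "use php input format", "administer site configuration",
}

SAMPLE_ROLES = [
    Role("site admin", set(ALL_PERMISSIONS)),                   # the user/2-with-everything role
    Role("editor", {"access content", "create page content",
                    "edit own page content", "use php input format"}),
    Role("author", {"access content", "create page content",
                    "edit own page content"}),
]

# What each day-to-day task needs; "manage users" is deliberately user/1 work.
TASK_PERMISSIONS = {
    "write pages": {"access content", "create page content", "edit own page content"},
    "manage users": {"administer users"},
}

if __name__ == "__main__":
    for role_name, perms in audit(SAMPLE_ROLES, ALL_PERMISSIONS)["escalation_capable"].items():
        print(f"{role_name}: can reach full privileges via {perms}")
    print("content role:", sorted(least_privilege_role("content", ["write pages"], TASK_PERMISSIONS).permissions))
```

Running it on the sample flags "site admin" as fully privileged and both "site admin" and "editor" as escalation-capable (the editor only because of PHP-format access, which is exactly the case the thread warns about), while the "author" role is clean; the least-privilege builder refuses to fold user management into a content role, leaving that to user/1 as the thread suggests.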