[development] Drupal 5.x Installation is Bad!
Karoly Negyesi
karoly at negyesi.net
Wed Oct 11 09:01:38 UTC 2006
> > It's not really hard to have an installer that does everything for
> > you, but you will need to give it ultimate privilege which is bad
> > security wise. Drupal tries to balance things.
> >
> simply remove the superuser after the DB has created. isn't that easy?
Yes and no. You forget that often you do not have the privileges to create a database from a PHP script but you need to do it from a control panel. This would lead to more complex documentation and more complex code.
I have seen cases when I own the server and yet only my sysadmin has the MySQL su password for valid security reasons.
And often, the database is there -- one account, one database.
All in all, I do not see the need for database creation code.
Regards
NK
More information about the development
mailing list