[development] "Sudo" Module
Matt Chapman
matt at ninjitsuweb.com
Mon Aug 9 17:33:29 UTC 2010
Hi James,
I curious about your reasoning for requiring a password? It seems like
an example of "security" that only inconveniences the legitimate
users.
Both the modules mentioned provide an explicit permission to switch,
ensuring that only authorized users have the capability, and both
allow you to permit it without sharing a password that could be
accidentally exposed to unauthorized users.
It seems to me your proposed module weakens security for no practical
benefit. Am I missing something?
All the Best,
Matt Chapman
Ninjitsu Web Development
ph: 818-660-6465 (818-660-NINJA)
fx: 888-702-3095
--
The contents of this message should be assumed to be Confidential, and
may not be disclosed without permission of the sender.
On Mon, Aug 9, 2010 at 9:48 AM, James Benstead <james.benstead at gmail.com> wrote:
> Thanks - both of these modules solve half of the problem (i.e., the
> switching part) - but neither seem to allow me to force the user to enter
> the root password in order to switch to the root account. Very useful,
> though; two new questions:
>
> If I were to build a module that was dependent on either masquerade or devel
> switch user to provide the functionality I'm talking about, which module
> would be the best foundation?
> Is there a simple way I can mash-up this module with the regular user module
> to do this? I'm guessing there must be.
>
> Thanks again, guys; the best bit about Drupal (and the Drupal community) is
> not having to re-invent the wheel ;)
> --Jim
> --
> My IM and Skype details are at http://state68.com/contact
>
> Paolo Mainardi:
> http://drupal.org/project/masquerade
> On 9 August 2010 17:40, Pedro Faria de Miranda Pinto <predofaria at gmail.com>
> wrote:
>>
>> You can use devel module with switch user block
>>
>> On Mon, Aug 9, 2010 at 1:35 PM, James Benstead <james.benstead at gmail.com>
>> wrote:
>>>
>>> I'm very interested in UI design, and mapping the design of Drupal admin
>>> interfaces to pre-existing, long-standing frameworks. I'm currently looking
>>> for a module that allows a "site manager" to quickly switch to and from the
>>> root user of a D6 site - in my mind's eye this module displays a block with
>>> a password field and a submit button; entering the root password and hitting
>>> the button is broadly equivalent to "sudo su" in Unix. Once the user has
>>> root privileges, a click on the "step down" button in the same block returns
>>> them to their saved regular session.
>>> My question: does a module exists that does this, or gets close to this?
>>> Or is it possible to cobble together this functionality by using existing
>>> functionality in already-existing D6 modules?
>>> Thanks,
>>> --Jim
>>> --
>>> My IM and Skype details are at http://state68.com/contact
>>
>>
>>
>> --
>> Pedro Faria de Miranda Pinto
>> http://www.eusouopedro.com
>> http://www.phpavancado.net
>
>
More information about the development
mailing list