[development] "Sudo" Module

James Benstead james.benstead at gmail.com
Mon Aug 9 17:56:17 UTC 2010


Matt, that's a great solution. Thanks! J.

--Jim
--
My IM and Skype details are at http://state68.com/contact


On 9 August 2010 18:54, Matt Chapman <matt at ninjitsuweb.com> wrote:

> Ah ha. I see what you're going for.
>
> My personal approach is to try to never give users a level of access
> where they might break the site, even accidentally. But that does
> often require additional work that I realize is not always practical,
> if you're dealing with limited time or budgets.
>
> If Domenic doesn't persuade you, and you're still going to go to the
> point of creating a custom module, may I suggest that you require
> users to re-enter their OWN password, rather than sharing the user 1
> password with every one? Really, you're asking for trouble by sharing
> that password with anyone who doesn't absolutely need it.
>
> All the Best,
>
> Matt Chapman
> Ninjitsu Web Development
> ph: 818-660-6465 (818-660-NINJA)
> fx: 888-702-3095
>
> --
> The contents of this message should be assumed to be Confidential, and
> may not be disclosed without permission of the sender.
>
>
>
> On Mon, Aug 9, 2010 at 10:39 AM, James Benstead
> <james.benstead at gmail.com> wrote:
> > Hi Matt,
> > It's "deliberate inconvenience" if you like. The site will have a manager
> > who will, through their regular account, be able to upload and manage
> > content, process Ubercart orders, etc. I'd like them to quickly be able
> to
> > switch to the root account for more technical (and therefore dangerous)
> > tasks. The act of entering a password will give them the sense that what
> > they are doing implies a risk. Also, the root account will have a
> slightly
> > different theme. Possibly plastered with skull and crossbone motifs ;)
> > --Jim
> > --
> > My IM and Skype details are at http://state68.com/contact
> >
> >
> > On 9 August 2010 18:33, Matt Chapman <matt at ninjitsuweb.com> wrote:
> >>
> >> Hi James,
> >>
> >> I curious about your reasoning for requiring a password? It seems like
> >> an example of "security" that only inconveniences the legitimate
> >> users.
> >>
> >> Both the modules mentioned provide an explicit permission to switch,
> >> ensuring that only authorized users have the capability, and both
> >> allow you to permit it without sharing a password that could be
> >> accidentally exposed to unauthorized users.
> >>
> >> It seems to me your proposed module weakens security for no practical
> >> benefit. Am I missing something?
> >>
> >> All the Best,
> >>
> >> Matt Chapman
> >> Ninjitsu Web Development
> >> ph: 818-660-6465 (818-660-NINJA)
> >> fx: 888-702-3095
> >>
> >> --
> >> The contents of this message should be assumed to be Confidential, and
> >> may not be disclosed without permission of the sender.
> >>
> >>
> >>
> >> On Mon, Aug 9, 2010 at 9:48 AM, James Benstead <
> james.benstead at gmail.com>
> >> wrote:
> >> > Thanks - both of these modules solve half of the problem (i.e., the
> >> > switching part) - but neither seem to allow me to force the user to
> >> > enter
> >> > the root password in order to switch to the root account. Very useful,
> >> > though; two new questions:
> >> >
> >> > If I were to build a module that was dependent on either masquerade or
> >> > devel
> >> > switch user to provide the functionality I'm talking about, which
> module
> >> > would be the best foundation?
> >> > Is there a simple way I can mash-up this module with the regular user
> >> > module
> >> > to do this? I'm guessing there must be.
> >> >
> >> > Thanks again, guys; the best bit about Drupal (and the Drupal
> community)
> >> > is
> >> > not having to re-invent the wheel ;)
> >> > --Jim
> >> > --
> >> > My IM and Skype details are at http://state68.com/contact
> >> >
> >> > Paolo Mainardi:
> >> > http://drupal.org/project/masquerade
> >> > On 9 August 2010 17:40, Pedro Faria de Miranda Pinto
> >> > <predofaria at gmail.com>
> >> > wrote:
> >> >>
> >> >> You can use devel module with switch user block
> >> >>
> >> >> On Mon, Aug 9, 2010 at 1:35 PM, James Benstead
> >> >> <james.benstead at gmail.com>
> >> >> wrote:
> >> >>>
> >> >>> I'm very interested in UI design, and mapping the design of Drupal
> >> >>> admin
> >> >>> interfaces to pre-existing, long-standing frameworks. I'm currently
> >> >>> looking
> >> >>> for a module that allows a "site manager" to quickly switch to and
> >> >>> from the
> >> >>> root user of a D6 site - in my mind's eye this module displays a
> block
> >> >>> with
> >> >>> a password field and a submit button; entering the root password and
> >> >>> hitting
> >> >>> the button is broadly equivalent to "sudo su" in Unix. Once the user
> >> >>> has
> >> >>> root privileges, a click on the "step down" button in the same block
> >> >>> returns
> >> >>> them to their saved regular session.
> >> >>> My question: does a module exists that does this, or gets close to
> >> >>> this?
> >> >>> Or is it possible to cobble together this functionality by using
> >> >>> existing
> >> >>> functionality in already-existing D6 modules?
> >> >>> Thanks,
> >> >>> --Jim
> >> >>> --
> >> >>> My IM and Skype details are at http://state68.com/contact
> >> >>
> >> >>
> >> >>
> >> >> --
> >> >> Pedro Faria de Miranda Pinto
> >> >> http://www.eusouopedro.com
> >> >> http://www.phpavancado.net
> >> >
> >> >
> >
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.drupal.org/pipermail/development/attachments/20100809/e66d00b6/attachment.html 


More information about the development mailing list