[Koha-bugs] [Bug 28990] Allow changes for a configurable subset of systempreferences by superlibrarian only
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Tue Sep 14 03:41:59 CEST 2021
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28990
--- Comment #11 from David Cook <dcook at prosentient.com.au> ---
(In reply to Fridolin Somers from comment #10)
> In my opinion storing security settings inside database is not good.
I think it's arguable about whether an Identity Provider counts as a security
setting per se. Or are you referring to different settings?
> We often copy database from a production server to a test server, where
> security is on purpose lower.
That sounds like an internal problem? What's the risk that you're worried about
here? Data breach?
> For me the best place is koha-conf.xml, it already contains major security
> settings (authentication, path, ...)
As a vendor, I like storing things in configuration files (although I hate the
bloated koha-conf.xml), since they're more secure and easier to deploy
programmatically.
But as a consumer, we'd be removing functionality from Koha. I think that's the
point that Donna is making. Unless you have the wealth to pay for a vendor or
internal staff, you might not be able to configure those settings anymore. (Of
course, one could argue there are many settings in Koha that already work that
way.)
--
Ultimately, it doesn't matter to me, as I have power. I'm just thinking about
removing options from people who don't have as much power.
--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
More information about the Koha-bugs
mailing list