http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11590 --- Comment #4 from Kyle M Hall <kyle@bywatersolutions.com> --- At this point I wonder why we still allow logins as the DB user. Wouldn't it be better to add a cli script to generate a first superlibrarian to log in with, and do away with db user logins altogether? (In reply to Chris Cormack from comment #3)
(In reply to Robin Sheat from comment #2)
The giant warning saying that you shouldn't do that indicates that you shouldn't do that.
A better fix is is to make that warning a bit more compulsory, e.g. cutting off access to functions that aren't related to configuration/management if you're the database user.
Maybe also make the warning bigger and having blinking marqueed text so it doesn't get ignored.
Yep, what Robin is saying is that the real problem here is that you are logged in not as a real user but the db user.
I agree that we should definitely not let the db user ever circulate. That would be a much better solution. Also, lots of other features should be blocked too.
-- You are receiving this mail because: You are watching all bug changes.