[Koha-bugs] [Bug 11590] Restrict the actions for the DB user

bugzilla-daemon at bugs.koha-community.org bugzilla-daemon at bugs.koha-community.org
Tue Mar 8 15:40:43 CET 2016


https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11590

Blou <philippe.blouin at inlibro.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |philippe.blouin at inlibro.com

--- Comment #11 from Blou <philippe.blouin at inlibro.com> ---
I'd like to reply on Robin's comment.

Here, I see a serious need for this as a matter of managing security.  Let's just
call that the disgruntled employee scenario.  I have no need for it RIGHT NOW,
but as we plan for every possible outcome, to safeguard our customers' data or
maintain 24/7 access, one of them is the I-QUIT-AND-DESTROY-ALL-YOUR-SH..
scenario.

So OK, I have my you-quit-I-lock-out-your-account.  But changing a database
password is a pain, always with some unforeseen consequences (yeah, I should
plan those too).  You try to not have to do it.  Life is just simpler that
way... Also, that's very hard to automate, or do manually through 100
databases.

SO, why give a user, through a very easy to use UI, very easy to remember staff
URL, an Uber-Access to all that is sacred in our business?

Anyway, too long text.  We can argue about my failures as a security manager,
but I reserve the right to argue that this direct access to the system should
be blockable.
