[Koha-devel] SQL reports [error]
Jared Camins-Esakov
jcamins at cpbibliography.com
Mon Apr 30 17:21:20 CEST 2012
Paul,
On Mon, Apr 30, 2012 at 11:17 AM, Paul Poulain <paul.poulain at biblibre.com>wrote:
> Question to all = could it be a good idea to let superlibrarians execute
> dangerous SQLs like the one forbidden by the test ?
> Otherwise asked: could we add a
> unless permission eq 'superlibrarian'
> condition ?
>
> ( ie: "with great power comes great responsibility" - at spiderman uncle- )
>
We were actually just discussing that on #koha a few days ago. I argued
that only the database user (i.e. user 0) should be allowed to do it. If
you have the direct login, there's nothing you can't do with the system
just by logging into the database.
Regards,
Jared
--
Jared Camins-Esakov
Bibliographer, C & P Bibliography Services, LLC
(phone) +1 (917) 727-3445
(e-mail) jcamins at cpbibliography.com
(web) http://www.cpbibliography.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/koha-devel/attachments/20120430/7bd62a9f/attachment.htm>
More information about the Koha-devel
mailing list