| 1 |
* kashani <kashani-list@××××××××.net> wrote: |
| 2 |
|
| 3 |
> Some people prefer to give their webapps limited insert, update, and |
| 4 |
> delete access and it's likely that Mediawiki's updates require alter, |
| 5 |
> create, drop, and file access which might be why they say to use an |
| 6 |
> account with root privileges. |
| 7 |
|
| 8 |
For larger (not web-only) applications I can understand giving |
| 9 |
several subsystems specific access via separate views. But for |
| 10 |
an monolithic web(-only)-app like mediawiki, its really useless. |
| 11 |
The worst damage an attacker can do is deleting or changing data, |
| 12 |
database ownership is not needed for that. |
| 13 |
|
| 14 |
Does anyone known some way (w/o crawling too deep in the code) |
| 15 |
for givinb mediawiki the ownership of the database and never ever |
| 16 |
require superuser privileges anymore ? |
| 17 |
|
| 18 |
|
| 19 |
cu |
| 20 |
-- |
| 21 |
--------------------------------------------------------------------- |
| 22 |
Enrico Weigelt == metux IT service - http://www.metux.de/ |
| 23 |
--------------------------------------------------------------------- |
| 24 |
Please visit the OpenSource QM Taskforce: |
| 25 |
http://wiki.metux.de/public/OpenSource_QM_Taskforce |
| 26 |
Patches / Fixes for a lot dozens of packages in dozens of versions: |
| 27 |
http://patches.metux.de/ |
| 28 |
--------------------------------------------------------------------- |
| 29 |
-- |
| 30 |
gentoo-user@g.o mailing list |
Archives