Hi List!
I'm currently fixing the bugs with advanced authentication. I'm afraid this requires some important changes but it's required :(
I've need your opinion on one point: who should be displayed the "show variables", and "show processlist" at the main right frame? Super-users only (ie those than can use the "mysql" db)? Those who do not have "only_db" set (but may be associated some restrictions with the mysql priv. system)? All users?
Thanks for your advices, Loïc
______________________________________________________________________________ ifrance.com, l'email gratuit le plus complet de l'Internet ! vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP... http://www.ifrance.com/_reloc/email.emailif
Hi Loïc,
Loïc a écrit :
Hi List!
I'm currently fixing the bugs with advanced authentication. I'm afraid this requires some important changes but it's required :(
Are you including those important changes in 2.2.1 ?
I've need your opinion on one point: who should be displayed the "show variables", and "show processlist" at the main right frame? Super-users only (ie those than can use the "mysql" db)? Those who do not have "only_db" set (but may be associated some restrictions with the mysql priv. system)? All users?
I think we should not be more restrictive or less restrictive that MySQL itself. Those commands work for a normal user.
Even if the links are not displayed in main, would you intercept those commands coming from a query box?
Marc
Marc Delisle a écrit :
I think we should not be more restrictive or less restrictive that MySQL itself. Those commands work for a normal user.
Even if the links are not displayed in main, would you intercept those commands coming from a query box?
I agree with Marc. I believe phpMyAdmin should not introduce some more restriction layer between users and MySQL.
The reason I believe that is (of course) because I think there would in most cases be some workaround to bypass those PMA introduced restrictions. So it would be useless in most cases and may lead some (not so good) admin to think its system forbids something that is actually not forbidden.
Benjamin
-
Benjamin Gandon -
Loïc -
Marc Delisle