[Phpmyadmin-devel] Suggestion
Marc Delisle
DelislMa at CollegeSherbrooke.qc.ca
Mon Oct 22 10:11:08 CEST 2001
Loïc a écrit :
>
> Hi List!
>
> I suggest to use the attached version of "common.lib.php3" for the plain
> 2.2.1 release. It does not contains many changes (it's just a kind of
> "temporary" improvement") but it allows:
> - to fix bug #472201(denied to mysql user db. AdvAuth failed.) that
> is a true problem indeed: requiring each user to have "select" privilege
> on the "mysql" db is not a so good idea;
Ok, your new common.lib.php3 removes the need for stduser/stdpass. It works well
here. Good work!
You must be aware that there is a difference between this 2.2.1 and 2.2.0
regarding the display of the Create Database box. A user which only has a create priv
on a non-existant db, would not get the box. I don't know if this is important,
because I hope that sysadmins will use this setting:
$cfgAllowUserDropDatabase = FALSE;
so the possibility of users deleting their own db and then wanting to recreate it
is reduced.
I would be ready to accept this minor problem because the patch adds security
and removes the stduser constraint.
> - to really skip all the "get dbs list from the mysql db" if
> $cfgServers[i]['only_db'] is set.
Seems to work ok. A small point: I lose the Logout link when only_db is set.
>
> Could you try it and tell me what your opinions about it are?
>
> Thanks,
> Loïc
>
> ----------------------------------------------------------------------------------------------------
> Name: common.lib.tar.gz
> common.lib.tar.gz Type: Unix Tape Archive (application/x-tar)
> Encoding: base64
--
Marc Delisle
Service de l'informatique
Collège de Sherbrooke, Québec
More information about the Developers
mailing list