[Phpmyadmin-devel] Re: prevent users from seeing status and variables, why?

Marc Delisle Marc.Delisle at cegepsherbrooke.qc.ca
Fri Nov 11 05:25:04 CET 2005

Michal Čihař a écrit :
> Hi
> On Fri 11. 11. 2005 09:02, Sebastian Mendel wrote:
>>the difference of phpinfo() with the other settings below is, that
>>this should depend on if the user is 'superuser' on the 'localhost'!
>>if i have a local PMA installation to manage localhost(user:root),
>>intra.myweb.de(user:web) and www.myweb.de(user:web) - phpinfo() is
>>hidden only if i select one of the two external servers - but without
>>any reason
> There is no relation on being superuser in mysql and beeing able to have 
> information about webserver. I'd leave this only on config option.
> So my suggestion:
> Drop $cfg['ShowMysqlInfo'] and $cfg['ShowMysqlVars'] and show them in 
> all cases. Drop $is_superuser condition from showing php info.

Ok for me.

More information about the Developers mailing list