14 Jan
2008
14 Jan
'08
3:38 p.m.
On Jan 14, 2008, at 3:28 PM, Paul Libbrecht wrote:
Except superadmin has all rights which others should be restricted
to have fairly quickly.
Actually I'm not sure if there's something you can do with superadmin
that you cannot do with a user that has admin rights. Anyway we're
talking about installing xwiki here and all I'm telling you is that
you don't need that extra step of enabling superadmin for that and in
addition you won't forget and disabling it later on if you don't
intend to use it.
[snip]
-Vincent
Le 14 janv. 08 à 15:18, Vincent Massol a écrit :
Looks better.
Erm... with which user since I have never logged-in yet ?
If you have an empty DB you don't need a user to log in to get admin
rights as explained above.
But the
database gets filled right way, doesn't it ?
Ok I wasn't precise enough. Since XWiki doesn't see security
classes (like XWiki.XWikiRights) it sets itself into no security
mode. it's only when you import those classes that suddenly it
starts checking rights. So we
loose admin rights fairly easily (eg. changing browsers).
What? I don't
understand what you're saying. What does this have to
do with browsers? Only thing you may loose by changing browsers are
the cookies but that's just a convenience you can always log in
again with your user... I did
not really experience what you describe, maybe I changed
browsers halfway, in doubt that Safari or OmniWeb was imperfectly
supported.
In all cases, how long should this admin right last ? The method
seems slightly unsafe to my taste. I really prefer to take a stab
at the config.
That won't change anything at all. All you'd do by enabling the
superadmin user is introduce a security hole.