On Nov 19, 2008, at 11:17 PM, Adrian Crum wrote:

--- On Wed, 11/19/08, David E Jones <[EMAIL PROTECTED]> wrote:

From: David E Jones <[EMAIL PROTECTED]>
Subject: Re: framework release, icky internal dep
To: dev@ofbiz.apache.org
Date: Wednesday, November 19, 2008, 7:57 PM
We should probably just move the admin account data (the
parts that are framework specific, i.e. the partyId and such
should stay higher level) to the common component or
something.

In real life though, this is only useful for demonstration
and technically no "admin" account should ever
exist, only accounts for specific individuals. This is a
good general practice and necessary for things like PCI
compliance.


Seriously? If you have a framework-only installation, how would you log in to the framework without at least one user login? Even operating systems give you one login to start off with.

That may be true of operating systems in days of yore, but these days the generally accepted practice is for NO ONE to use the root account, except perhaps for low-level system maintenance, and instead use "sudoers" and other similar concepts, i.e. users that have administrative privileges. I think it's for the same reason as used in PCI stuff, namely funny words like "traceability" and "auditability" and "analenablement" (note: one of those three is a joke ;) ).

-David
