On 9 Ago 2010 19h00 WEST, [email protected] wrote:
Thanks, Andrew - I think I'll implement the current version of Masquerade for the moment (great module, btw - I use it on all of my dev sites) and then work on integrating this functionality in a patch when I've got more time - will allow me to learn more about Drupal security, too. Masquerade is a "brand" module in my view so there's really no need to fork it. --Jim
You might also consider admin role http://drupal.org/project/adminrole, in slightly different vein. It allows to concede other users some of the powers of UID 1. You can't run update.php with it. But it allows you to exercise some degree of latitude in allocating privileges on a Drupal site. Usually when you enable a new module the users with role "administrator" inherit all the privileges regarding that module permissions. It's a different route. I don't think that sudo <everything> like Ubuntu does is a good policy. You tend to loose the perspective on how powerful the sudo facility is IMO. HTH, --- appa
