Thanks Antonio - and yes, I use adminrole.module on all of my sites too - another "brand" module in my view. Does anyone know if adminrole.module and masquerade.module are integrated? Or whether such integration is straightforward/desirable?
I'm thinking specifically of masquerade.module + (security patch) integrating with adminrole.module, to provide a one-click solution to the problem I originally described. --Jim -- My IM and Skype details are at http://state68.com/contact 2010/8/9 Antonio P. P. Almeida <[email protected]> > On 9 Ago 2010 19h00 WEST, [email protected] wrote: > > Thanks, Andrew - I think I'll implement the current version of >> Masquerade for the moment (great module, btw - I use it on all of my >> dev sites) and then work on integrating this functionality in a >> patch when I've got more time - will allow me to learn more about >> Drupal security, too. Masquerade is a "brand" module in my view so >> there's really no need to fork it. >> >> --Jim >> > > You might also consider admin role > http://drupal.org/project/adminrole, in slightly different vein. It > allows to concede other users some of the powers of UID 1. You can't > run update.php with it. But it allows you to exercise some degree of > latitude in allocating privileges on a Drupal site. Usually when you > enable a new module the users with role "administrator" inherit all > the privileges regarding that module permissions. > > It's a different route. I don't think that sudo <everything> like > Ubuntu does is a good policy. You tend to loose the perspective on how > powerful the sudo facility is IMO. > > HTH, > --- appa > >
