It should be fine, but it gives me the willies. I'm an infosec specialist by trade, so it makes my spider sense tingle. I've been all about the separate admin applications these days for externally facing applications. DRY? Not exactly. But safer.
On Wed, Feb 25, 2009 at 4:31 AM, Jason Keenan <[email protected]>wrote: > I've added the ability for the first registered user to automatically > become an admin by adding these three lines > > if User.count < 1 > u.is_admin = true > end > > to accounts_controller.rb in the signup method > > Does anyone think this would pose a security risk?? > > Jason > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Lovd by Less" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/lovdbyless?hl=en Who loves ya baby? -~----------~----~----~----~------~----~------~--~---
