lcrocker@nupedia.com wrote:
There are also a handful of 'developer' features available only to a few of the programmers for purposes of finding and fixing bugs: database queries, showing the PHP configuration variables, and enabling/disabling a read-only mode to prevent edits to the database in the middle of certain upgrades. --Brion VIBBER ยป
Sysops can do "SELECT" queries on the database. Only developers can do updates and deletes.
There had been some discussion a while ago of changing that and restricting all direct DB access to developers; I guess I got it mixed up with the implementation in my memory. As I recall the points of contention were:
1) Users' passwords were stored in the database in plaintext. (Since changed; hashes are now stored so they aren't much good if you get them.)
2) The number of 'sysop's is rapidly rising, and the chances of somebody accidentally (or maliciously) performing a slow, complex query that tied up the database for a long time would increase.
-- brion vibber (brion @ pobox.com)