lcrocker(a)nupedia.com wrote:
There are also
a handful of 'developer' features available only
to a few of the programmers for purposes of finding and fixing
bugs: database queries, showing the PHP configuration variables,
and enabling/disabling a read-only mode to prevent edits to the
database in the middle of certain upgrades. --Brion VIBBER ยป
Sysops can do "SELECT" queries on the database. Only developers
can do updates and deletes.
There had been some discussion a while ago of changing that and
restricting all direct DB access to developers; I guess I got it mixed
up with the implementation in my memory. As I recall the points of
contention were:
1) Users' passwords were stored in the database in plaintext. (Since
changed; hashes are now stored so they aren't much good if you get them.)
2) The number of 'sysop's is rapidly rising, and the chances of somebody
accidentally (or maliciously) performing a slow, complex query that tied
up the database for a long time would increase.
-- brion vibber (brion @
pobox.com)