On Thu, Aug 6, 2009 at 1:05 PM, Chadinnocentkiller@gmail.com wrote:
HM is right on what these users are for. Some (not all) maintenance scripts require higher permissions than your normal $wgDBuser, so $wgDBadminuser is supposed to have those privileges.
$wgDBuser needs to have DELETE rights on pretty much all tables, so what's the security gain of bothering with a different user for ALTER TABLE/CREATE TABLE/etc.? $wgDBadminuser doesn't need to be able to create new databases or reconfigure replication or anything, right?