Database Administration Module Permissions

To quote from the module's documentation:

If a user is granted (or manages to acquire) 'dba administer database' permissions, they are able to directly alter the database. At minimum, they are able to modify data, and possibly to drop tables. Depending on how you have defined your database permissions, the user may also be able to modify other databases unrelated to your Drupal installation. Use at your own risk!

Clearly, the Dba Administer Database permission is not to be granted lightly. The second permission that this module defines is Dba View Database, which allows users possessing it the chance to see the contents of the entire database. This includes user e-mail, the encrypted hash of user passwords, any private profile information, and so forth. Judicious use of this module and sparing grants of these two permissions are advised.

0 0

Post a comment