With the client�s consent, I build a backdoor into my Alpha applications for system support purposes. This is accomplished in the following manner:
I consider these �hidden� accounts to be essential for providing ongoing support to the client�s system. However, it would be unethical for me not to make it clear to the client from the beginning that I will take this approach.
Terry
- User information is maintained in a MySQL data table that is linked by username to the Alpha security tables.
- I create a system support account for each security group so that I can login as a member of the desired group and see exactly what client users in that group are seeing.
- My system support accounts are added to the Alpha security tables but are not included in the MySQL user table. This allows the client, as a member of the administrative group, to add new users to the MySQL user table and to manage their security. Because my system support accounts are not included in the MySQL user table, they are invisible to the client and cannot be changed by the client.
- I generally add my system support accounts during development using the developer security features. However, they can be added after deployment if the system support user records are then removed from the MySQL table using Navicat or other similar tool.
I consider these �hidden� accounts to be essential for providing ongoing support to the client�s system. However, it would be unethical for me not to make it clear to the client from the beginning that I will take this approach.
Terry