Why does the WPMU Dev Dashboard not use an option to provide access to other site members?


Although an interesting approach, the idea of writing a line to wp-config.php to allow for additional site members to have access to the WPMU Dev Dashboard plugin, it would likely be more secure for that to be an option on the manage page.

The idea is this, if someone realizes this method is in play and gains access to the necessary files, they would be able to very easily (and quite secretly for the most part) be able to grant themselves access without the true site (super-)administrators having any knowledge whatsoever without a very in-depth (and perhaps quite costly) security analysis.

PS: I only ask this because it was quite by accident that I discovered it was even an “option” to add in the first place. The other point being (without looking at the code) what if the site admin already deleted the “admin” account? EAC.