Man, there's a type of dev that will just take every shortcut going.
No it is not alright for your web app to have root DB access. Do it properly.
There are, for example, some users I've encountered that believe every CLI command must be prefixed with 'sudo' because they've never learnt what privileges are all about.
I think this happens because the dev needs to create a MySQL user so they google that, and the how-tos show how to make a superuser account, so that's what they do.
"Much good work is lost for the lack of a little more."
@sullybiker One of the distros I use does not permit sudo for that explicit reason as such behaviour opens the door to rampant abuse. If the user needs root privileges, they're going to have to enter their password every single time.
@PeteMoss It's strange how technology shapes usage, then usage shapes technology.
Specifically this attitude came from Windows, and over time Linux - in trying to expand it's reach - started to embrace the idea of the (super)user.
@PeteMoss It's drive development too, more middleware and bigger black boxes (systemd) because standardization and usability trumps all.
@PeteMoss And it matters less that people have at least a basic understanding of what their computer is doing.
Same sort of user that uses root for every damn thing. I think Ubuntu's 'how to' culture is partially to blame here, as it inculcates this practice of casually sudo'ing all over the place, like a dog pissing on every lamp post.