Heine

If you spend a lot of time exclusively in one Drupal version, you develop muscle memory for its API. This can be pretty dangerous as I caught myself writing the following menu item while backporting a Drupal 6 module.

Note the array('adminster foo') instead of user_access('administer foo'). As non-empty arrays evaluate to TRUE in non-strict comparisons this is equivalent to 'access' => TRUE, granting access to all users.

Because I do not believe in the "Found a bug? Blog about it!"-approach to bugfixing, I filed #472160, but still wanted to share.