[wp-trac] [WordPress Trac] #43175: Discussion - Pseudonymisation
WordPress Trac
noreply at wordpress.org
Tue Apr 24 18:04:26 UTC 2018
#43175: Discussion - Pseudonymisation
-------------------------+------------------------------
Reporter: xkon | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version:
Severity: normal | Resolution:
Keywords: gdpr | Focuses:
-------------------------+------------------------------
Comment (by David 279):
Replying to [comment:9 iandunn]:
>
> Can you cite the section of GDPR that says it needs to be on a separate
> server? I couldn't find it, and am curious to read the details.
>
> In addition to separate servers not being practical from Core's
> perspective (comment:7), I'm also skeptical of how much security would be
> gained. If an attacker finds a vulnerability that allows them to
> modify the database, but not the filesystem, then in most cases they can
> just change the password of an existing admin, log in, and upload a
> malicious plugin.
>
> If they find a vulnerability where they gain access to the file system
> but not the database, then they can easily grab the database credentials
> from `wp-config.php` and make queries through PHP.
Annoyingly, I can't find the document I had last week stating that the
encryption key should not be kept in the same location as the encrypted
data.
This is not in the GDPR YET, but is being looked at by the group that keeps
the GDPR as an ongoing thing, so it does not need to be sorted by May 25th;
but given the numerous data breaches over the last few years, I think you
can safely be confident that this will filter through fairly quickly.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/43175#comment:12>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform