[wp-trac] [WordPress Trac] #39309: Secure WordPress Against Infrastructure Attacks
WordPress Trac
noreply at wordpress.org
Wed Jul 10 07:00:02 UTC 2019
#39309: Secure WordPress Against Infrastructure Attacks
------------------------------------------+---------------------
Reporter: paragoninitiativeenterprises | Owner: pento
Type: task (blessed) | Status: closed
Priority: normal | Milestone: 5.2
Component: Upgrade/Install | Version: 4.8
Severity: critical | Resolution: fixed
Keywords: has-patch | Focuses:
------------------------------------------+---------------------
Comment (by pento):

Thanks for the summary, @dd32!

This is getting well outside of the scope of something I'd be comfortable
with us building, particularly as non-experts in package signing.

Ideally, there would be package signing libraries that would handle a lot
of the process around this, particularly with regards to key expiry dates,
forcing early expiration, and trusting key chains. (Is anyone aware of
such a library we could use?)

It also seems like we need documentation of best practices for the systems
side of things, preferably something that can be adopted wholesale, or
with minimal modification for our purposes.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/39309#comment:90>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform