[wp-hackers] Another anti-spam technique

Kimmo Suominen kim at tac.nyc.ny.us
Thu Oct 28 15:37:27 UTC 2004


Actually, I have neither a writable index.php nor a writable .htaccess
file, and WP works just fine.  I'm hoping that no features are added
that _require_ a writable file or directory.

I know a lot of software written in PHP (including WP) is designed so
that all the code is inside $DOCUMENTROOT.  This is also the source of a
lot of exploits, as files that don't need to be available through direct
URLs can be called that way, without the code in them being prepared for
that (and thus possibly bypassing security controls, or using global
variables directly from the HTTP request).

I'm very happy with the current direction WP is going, where index.php
is becoming the single point of access.  I haven't checked if that
is already completely the case, but at least everything in .htaccess
now only refers to index.php.  Maybe one day the /wp/ directory could
be moved outside $DOCUMENTROOT, and just be accessed through PHP's
include_path alone.

All the code I've written has a single "API" for URLs, generally an
"index.php" file, and all the auxiliary code is found using "require"
statements and something like this in the .htaccess file:

    php_value include_path "/u/kim/.www/php"

My $DOCUMENTROOT is set to /u/kim/.www/htdocs, and any code that must
write to the filesystem has been instructed to do so in /u/kim/.www/tmp
(again, outside $DOCUMENTROOT).

Regards,
+ Kim
-- 
Kimmo Suominen <http://kimmo.suominen.com/>

On Thu, Oct 28, 2004 at 04:01:26PM +0100, Donncha O Caoimh wrote:
> It doesn't matter - the default for new installations is that the 
> install directory will probably be writable by the web server. There are 
> no checks afterwards AFAIK.
> And anyway, you've got a writable index.php file, so there's no more 
> harm having a .htaccess file writable in that directory...
> 
> Donncha.
> 
> Jamie Talbot wrote:
> >Kimmo Suominen wrote:
> >| If the web server is to create files, there needs to be a specific
> >| directory that has permissions to do so, and the code has to work
> >| (using a fallback to the current behaviour, or something) even if that
> >| directory is not writable (or does not exist).
> >|
> >| I'm more concerned that someone manages to upload a script to the web
> >| server and run it, than that I have to moderate spam...
> >
> >Yup, good point, well made :D Scratch that idea then!



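An audit for the layout discussed in this message, added here as an example (not code from the original post or from WordPress): it lists code files under the document root that can be requested directly instead of through the single index.php entry point, and paths there that the web server account can write. The function names, the `CODE_SUFFIXES` list, the constructed sample tree and the `web_uid` stand-in are assumptions.

```python
import os
import stat
import tempfile

CODE_SUFFIXES = (".php", ".inc")  # assumption: extensions that hold PHP code

def writable_by(st, uid, gids):
    """True if the mode bits in st grant write access to uid / gids."""
    if st.st_uid == uid:
        return bool(st.st_mode & stat.S_IWUSR)
    if st.st_gid in gids:
        return bool(st.st_mode & stat.S_IWGRP)
    return bool(st.st_mode & stat.S_IWOTH)

def audit_docroot(docroot, web_uid, web_gids=(), entry_point="index.php"):
    """Return (direct_code, writable): sorted paths relative to docroot."""
    direct_code, writable = [], []
    for dirpath, _dirs, files in os.walk(docroot):
        rel_dir = os.path.relpath(dirpath, docroot)
        if writable_by(os.stat(dirpath), web_uid, web_gids):
            writable.append(rel_dir)
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full):
                continue  # this sketch does not follow symlinks
            rel = os.path.normpath(os.path.join(rel_dir, name))
            if writable_by(os.stat(full), web_uid, web_gids):
                writable.append(rel)
            # Any code file other than the entry point is reachable by URL.
            if name.lower().endswith(CODE_SUFFIXES) and rel != entry_point:
                direct_code.append(rel)
    return sorted(direct_code), sorted(writable)

def build_sample():
    """Constructed sample tree: a docroot that keeps library code inside it."""
    root = tempfile.mkdtemp(prefix="htdocs-")
    layout = {"index.php": 0o644, ".htaccess": 0o666, "wp-includes/": 0o755,
              "wp-includes/functions.php": 0o644, "uploads/": 0o777}
    for rel, mode in layout.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        if not rel.endswith("/"):
            open(path, "w").close()
        os.chmod(path.rstrip("/"), mode)
    return root

if __name__ == "__main__":
    # web_uid is a stand-in for the web server account (not the file owner).
    code, writable = audit_docroot(build_sample(), web_uid=os.getuid() + 1)
    print("reachable code:", code)
    print("web-writable:", writable)
```

With library code moved to a directory on include_path and writes confined to a directory outside the document root, both lists come back empty for a server account that does not own the files.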