[wp-hackers] Security at Wordpress
John Joseph Bachir
jjb at ibiblio.org
Mon Apr 24 17:02:58 GMT 2006
On Mon, 24 Apr 2006, Elliotte Harold wrote:
> The core team seems to want to implement a complex nonce based solution.
> I suspect there's a simpler, more robust solution using POST instead of
> GET.
Just on the subject of nonces and POST... even if all side-effect actions
used POST, there are still security vulnerabilities that a nonce system
will defeat. One example is making a webpage that looks just like the
admin interface but isn't, and then using social engineering to get the
victim (who has an authorization cookie) to use the impostor form.
(checking admin referers also defeats some or all of these cases as well)
John
----
aim/yim/msn/jabber.org: johnjosephbachir
713.494.2704
irc://irc.freenode.net/lyceum
http://lyceum.ibiblio.org/
http://blog.johnjosephbachir.org/
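An added illustration of the point made above (example code, not WordPress's own nonce implementation and not from this thread): a per-session, per-action nonce is minted when the admin form is rendered and checked when the POST arrives, so a look-alike form that never received the victim's nonce is rejected even though it submits by POST. The session id, the action names, the `nonce` field name and the server secret are all constructed for the example; a referer check is included as the secondary measure the mail mentions.

```python
import hashlib
import hmac
import secrets
import time

# Server-side secret used to sign nonces (constructed; rotate/store securely in practice).
SECRET_KEY = secrets.token_bytes(32)
ADMIN_ORIGIN = "https://blog.example.org"  # constructed admin origin for the referer check


def _sign(session_id: str, action: str, ts: int) -> str:
    msg = f"{session_id}|{action}|{ts}".encode()
    return hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()[:32]


def make_nonce(session_id: str, action: str, now=None) -> str:
    """Mint a nonce bound to this session and this action, stamped with issue time."""
    ts = int(time.time() if now is None else now)
    return f"{ts}:{_sign(session_id, action, ts)}"


def verify_nonce(nonce: str, session_id: str, action: str, max_age: int = 3600, now=None) -> bool:
    """True only if the nonce was minted for this session+action and is not older than max_age."""
    try:
        ts_str, mac = nonce.split(":", 1)
        ts = int(ts_str)
    except ValueError:
        return False
    current = int(time.time() if now is None else now)
    if not 0 <= current - ts <= max_age:
        return False
    # Constant-time compare so the check does not leak how many characters matched.
    return hmac.compare_digest(mac, _sign(session_id, action, ts))


def referer_ok(headers: dict) -> bool:
    """Secondary check: the request should originate from the admin origin itself."""
    return headers.get("Referer", "").startswith(ADMIN_ORIGIN + "/")


def handle_delete_post(request: dict, session_id: str) -> str:
    """Simulated side-effecting admin handler; POST alone is not sufficient."""
    if request.get("method") != "POST":
        return "rejected: method"
    if not referer_ok(request.get("headers", {})):
        return "rejected: referer"
    action = f"delete-post_{request.get('post_id')}"
    if not verify_nonce(request.get("nonce", ""), session_id, action):
        return "rejected: nonce"
    return f"deleted {request['post_id']}"
```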