[wp-hackers] Security at Wordpress
Brian Layman
Brian at TheCodeCave.com
Mon Apr 24 19:48:35 GMT 2006
Elliotte Rusty Harold countered with:
> There's also an option 5 that's been proposed, allowing Undo rather than
Yes. That forces an attack to be multiple steps. Any delete attack must
involve emptying the bin too for the damage to be permanent.
Because the current nonce design is action specific, it offers protection
against that. You can't delete and flush/empty at the same time.
> Defense in depth is a good thing.
Agreed.
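The point above is that a nonce tied to one action (trash a post) cannot be replayed for a different action (empty the trash), so a single forged request cannot do permanent damage. The following is an added illustration written for this archive page, not code from the post or from WordPress itself: a simplified Python model of action-specific nonces in the style WordPress uses (an HMAC over a time tick, the action name and the user id, accepted for the current and previous tick). The secret, tick length, action names and the `handle_request` dispatcher are all constructed assumptions for the demonstration.

```python
import hashlib
import hmac
import time

# Constructed site secret for this example; a real site derives this from its own salts.
SECRET = b"constructed-site-secret-do-not-reuse"
LIFETIME = 86400  # seconds; a nonce is accepted for one to two half-lifetimes


def nonce_tick(now=None):
    """Coarse time bucket so nonces expire without being stored server-side."""
    now = time.time() if now is None else now
    return int(now / (LIFETIME / 2))


def _nonce_for_tick(tick, action, user_id):
    # Bind the nonce to the tick, the specific action and the user: changing any
    # of the three yields a different value.
    msg = f"{tick}|{action}|{user_id}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()[-12:-2]


def create_nonce(action, user_id, now=None):
    return _nonce_for_tick(nonce_tick(now), action, user_id)


def verify_nonce(nonce, action, user_id, now=None):
    """Accept the current tick and the previous one; constant-time compare."""
    tick = nonce_tick(now)
    for t in (tick, tick - 1):
        if hmac.compare_digest(nonce, _nonce_for_tick(t, action, user_id)):
            return True
    return False


def handle_request(params, user_id, now=None):
    """Dispatch an admin request; every destructive action needs its own nonce."""
    action = params.get("action")
    nonce = params.get("_wpnonce", "")
    if action == "trash-post":
        # The action string includes the post id, so a nonce for post 12
        # does not authorise trashing post 13 either.
        if not verify_nonce(nonce, f"trash-post_{params['post']}", user_id, now):
            return "rejected: nonce not valid for trash-post"
        return f"post {params['post']} moved to trash"
    if action == "empty-trash":
        if not verify_nonce(nonce, "empty-trash", user_id, now):
            return "rejected: nonce not valid for empty-trash"
        return "trash emptied"
    return "rejected: unknown action"


if __name__ == "__main__":
    user = 7
    trash_nonce = create_nonce("trash-post_12", user)
    print(handle_request({"action": "trash-post", "post": 12, "_wpnonce": trash_nonce}, user))
    # Replaying the same nonce against a different action is refused.
    print(handle_request({"action": "empty-trash", "_wpnonce": trash_nonce}, user))
```

Because the action name is part of the MAC input, an attacker who tricks a user into submitting one trashing request still lacks a valid value for the separate empty-trash step, which is exactly the multi-step property the thread relies on.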