[wp-trac] [WordPress Trac] #2964: Manage > Files may give access to password protected folders
WordPress Trac
wp-trac at lists.automattic.com
Sat Jul 22 00:45:35 GMT 2006
#2964: Manage > Files may give access to password protected folders
----------------------+-----------------------------------------------------
Reporter: PozHonks | Owner: anonymous
Type: defect | Status: new
Priority: normal | Milestone: 2.0.4
Component: Security | Version: 2.0.3
Severity: normal | Keywords:
----------------------+-----------------------------------------------------
In Manage > Files, one can edit any file on the server except wp-config.php.
It even accesses files in folders protected by a password. E.g.: we can
access "/secret/.htaccess"; WP shows it. In this file, we see the path
to the .htpasswd file, access it, change the password, or, worse, delete
the path to the password so the folder is free for anyone to read.
Plus, it is also possible to edit the .htaccess to display a list of files
even if an index file is present. So all files are accessible.
If a hacker gets into WordPress by guessing the admin password, he may
get access to almost everything. Is it a security flaw?
My server is hosted on Linux with Apache, but changing chmod to 644 (for
a file, even 444) or 744 (for a folder) doesn't prevent the server from
modifying or accessing files, because the PHP server's rights are not
managed that way, as on many other web hosts, unfortunately.
--
Ticket URL: <http://trac.wordpress.org/ticket/2964>
WordPress Trac <http://wordpress.org/>
WordPress blogging software
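As an added example that is not part of this ticket or of WordPress's own code, the kind of path-containment check that would keep a file editor from reaching "/secret/.htaccess" or a .htpasswd file: it assumes a hypothetical $allowed_root directory the editor is permitted to touch, and refuses any file that canonicalises outside it, any dotfile, and wp-config.php. The demo tree at the bottom is constructed in a temporary directory.

```php
<?php
// Added example, not WordPress code. $allowed_root is an assumption: the one
// directory the editor is permitted to read and write.
function editor_path_is_allowed(string $requested, string $allowed_root): bool
{
    // Canonicalise both sides so '..', symlinks and repeated slashes cannot
    // escape the root. realpath() returns false for paths that do not exist.
    $root = realpath($allowed_root);
    $real = realpath($requested);
    if ($root === false || $real === false) {
        return false;
    }
    // Only regular files may be edited (no directories, devices, etc.).
    if (!is_file($real)) {
        return false;
    }
    // Containment: the canonical path must start with "<root>/".
    $rootWithSep = rtrim($root, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (strncmp($real, $rootWithSep, strlen($rootWithSep)) !== 0) {
        return false;
    }
    // Refuse server control files wherever they sit under the root:
    // .htaccess, .htpasswd and any other dotfile or dot-directory component.
    $relative = substr($real, strlen($rootWithSep));
    foreach (explode(DIRECTORY_SEPARATOR, $relative) as $part) {
        if ($part !== '' && $part[0] === '.') {
            return false;
        }
    }
    // The site's own configuration is never editable from the browser.
    if (basename($real) === 'wp-config.php') {
        return false;
    }
    return true;
}

// Constructed demo tree (temporary directory, not a real site):
//   <base>/root/themes/style.css  - inside the root, plain file
//   <base>/root/.htaccess         - inside the root, but a control file
//   <base>/outside.txt            - outside the root
$base = sys_get_temp_dir() . '/editor-demo-' . getmypid();
mkdir("$base/root/themes", 0700, true);
file_put_contents("$base/root/themes/style.css", "/* theme css */");
file_put_contents("$base/root/.htaccess", "Options +Indexes");
file_put_contents("$base/outside.txt", "protected content");
$root = "$base/root";

foreach (["$root/themes/style.css", "$root/themes/../.htaccess", "$root/../outside.txt"] as $path) {
    printf("%-45s %s\n", $path, editor_path_is_allowed($path, $root) ? 'allowed' : 'refused');
}
```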