[wp-trac] Re: [WordPress Trac] #2591: users can enter dangerous
serialized strings
WordPress Trac
wp-trac at lists.automattic.com
Thu Mar 23 19:31:54 GMT 2006
#2591: users can enter dangerous serialized strings
-----------------------+----------------------------------------------------
Id: 2591 | Status: new
Component: Security | Modified: Thu Mar 23 19:31:54 2006
Severity: normal | Milestone: 2.1
Priority: normal | Version: 2.0.2
Owner: anonymous | Reporter: random
-----------------------+----------------------------------------------------
Comment (by skeltoac):
random's suggestion is one I've also proposed. The counter-argument was
that it would make it difficult for non-PHP scripts to make use of string
data in our options tables.
I think it's pretty trivial to parse a PHP serialized string, so we
shouldn't worry about non-PHP programs integrating with our options
tables. Serializing every option is fine by me.
--
Ticket URL: <http://trac.wordpress.org/ticket/2591>
WordPress Trac <http://wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list