[wp-trac] Re: [WordPress Trac] #2591: users can enter dangerous serialized strings
WordPress Trac
wp-trac at lists.automattic.com
Fri Mar 24 05:16:18 GMT 2006
#2591: users can enter dangerous serialized strings
-------------------------+--------------------------------------------------
Id: 2591 | Status: assigned
Component: Security | Modified: Fri Mar 24 05:16:18 2006
Severity: normal | Milestone: 2.1
Priority: normal | Version: 2.0.2
Owner: markjaquith | Reporter: random
-------------------------+--------------------------------------------------
Changes (by markjaquith):
* status: new => assigned
* owner: anonymous => markjaquith
Comment:
Okay, I kludged it and made it skip serialization on options.php.
Also, user options are now serialized on update, which is really the area
where there is the most danger of a malicious attack (someone with a
subscriber profile inserts a 1 million member array and crashes the
server).
I thought of other ways of avoiding double serialization... there are GPL
is_serialized() functions floating around, but they'd likely leave
openings for abuse, as well as cause a lot of extra cycles on option
updates... so a kludge for /wp-admin/options.php might actually be the
best way. Thoughts?
--
Ticket URL: <http://trac.wordpress.org/ticket/2591>
WordPress Trac <http://wordpress.org/>
WordPress blogging software
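The double-serialization hazard discussed in the comment above, as an added example that is not WordPress code: rather than guessing with an is_serialized() heuristic whether a stored string is already serialized, the store records at write time whether it serialized the value itself, refuses form input that mimics serialized data, and caps the size it will decode. The function names and the in-memory options table are assumptions.

```php
<?php
// Added example, not WordPress code: an option store that decides at write
// time, from the PHP type, whether a value is serialized, and records that
// decision with the row, so a user-entered string that merely looks serialized
// is kept as text and never reaches unserialize(). Function names are
// hypothetical; unserialize()'s allowed_classes option needs PHP >= 7.0.

$OPTIONS = [];   // constructed stand-in for the options table: name => row

// Form text that mimics serialized data (a:, O:, s:, N; ...) is refused
// outright rather than heuristically "detected" as already serialized.
function looks_serialized(string $s): bool
{
    return (bool) preg_match('/^(?:[abdiOs]:|N;)/', $s);
}

function safe_set_option(string $name, $value, bool $from_form = false): bool
{
    global $OPTIONS;
    if (is_object($value)) return false;                 // objects are not accepted
    if (is_array($value)) {                              // serialized exactly once, here
        $OPTIONS[$name] = ['serialized' => true, 'raw' => serialize($value)];
        return true;
    }
    $text = (string) $value;
    if ($from_form && looks_serialized($text)) return false; // form text posing as a blob
    $OPTIONS[$name] = ['serialized' => false, 'raw' => $text];
    return true;
}

function safe_get_option(string $name, int $max_bytes = 65536)
{
    global $OPTIONS;
    if (!isset($OPTIONS[$name])) return null;
    $row = $OPTIONS[$name];
    if (!$row['serialized']) return $row['raw'];         // plain text: no unserialize()
    if (strlen($row['raw']) > $max_bytes) return null;   // size guard before the decode
    return unserialize($row['raw'], ['allowed_classes' => false]);
}

// Constructed demo: the array round-trips; the form string is refused.
safe_set_option('colors', ['red', 'blue']);
var_dump(safe_get_option('colors') === ['red', 'blue']);
var_dump(safe_set_option('blogname', 'a:1:{i:0;s:1:"x";}', true));
```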