[wp-trac] Re: [WordPress Trac] #5367: Wordpress cookie authentication vulnerability
WordPress Trac
wp-trac at lists.automattic.com
Sat Dec 8 21:54:15 GMT 2007
#5367: Wordpress cookie authentication vulnerability
-------------------------------------+--------------------------------------
Reporter: sjmurdoch | Owner: westi
Type: defect | Status: assigned
Priority: normal | Milestone: 2.4
Component: Security | Version: 2.3.1
Severity: normal | Resolution:
Keywords: security, password, md5 |
-------------------------------------+--------------------------------------
Comment (by westi):
Replying to [comment:37 ryan]:
> Any objections? I'll commit this soon so testers can have a look at it.
> We can tweak it from there.
I am not completely happy that the new cookie scheme doesn't handle the
issue whereby someone with read access to the database can generate a
valid cookie - in general users are not going to update the SECRET define
and so won't benefit from it.
What are the timeouts on the cookies? It looks like 2 days or 14 days if I
do my maths right - would we not do better with a shorter expiry time and
resetting the cookie on every admin page access with a new expiry?
I think it would be nice to combine the two methods - an authentication
cookie which authenticates the user has provided valid login credentials
and the timeout functionality of this session cookie.
--
Ticket URL: <http://trac.wordpress.org/ticket/5367#comment:38>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
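The two concerns raised in the comment above (a cookie that someone with database read access can compute unless the server secret is actually set, and a long fixed expiry instead of a short one refreshed on each admin page access) can be illustrated with a small keyed-cookie model. The code below is an added example, not WordPress code and not part of the ticket: the cookie format `user|expiry|mac`, the key derivation, the constants `SECRET`, `DB_PASSWORD_HASH`, `SESSION_TTL` and `AUTH_TTL`, and the function names are all assumptions made for the illustration.

```python
import hashlib
import hmac
import time

# Assumed parameters (not from the ticket): a short sliding window for the
# session cookie and a longer hard limit for the authentication cookie.
SESSION_TTL = 30 * 60          # 30 minutes, re-issued on every admin page access
AUTH_TTL = 2 * 24 * 60 * 60    # 2 days, the shorter of the two values westi mentions

# Constructed stand-ins for the SECRET define and the stored password hash.
SECRET = "change-this-in-wp-config"
DB_PASSWORD_HASH = hashlib.md5(b"constructed-password").hexdigest()


def cookie_key(secret, stored_hash):
    """Derive the MAC key from the server secret and the user's stored hash.

    This is where westi's first concern bites: if the secret is left at its
    shipped default, the key is computable from database contents alone, so
    read access to the users table is enough to mint a valid cookie.
    """
    return hmac.new(secret.encode(), stored_hash.encode(), hashlib.sha256).digest()


def issue(username, ttl, secret=SECRET, stored_hash=DB_PASSWORD_HASH, now=None):
    """Build a 'user|expiry|mac' cookie that expires ttl seconds from now."""
    expiry = int((time.time() if now is None else now) + ttl)
    payload = "%s|%d" % (username, expiry)
    tag = hmac.new(cookie_key(secret, stored_hash), payload.encode(), hashlib.sha256).hexdigest()
    return payload + "|" + tag


def verify(cookie, secret=SECRET, stored_hash=DB_PASSWORD_HASH, now=None):
    """Return the username if the cookie is authentic and unexpired, else None."""
    try:
        username, expiry_str, tag = cookie.split("|")
        expiry = int(expiry_str)
    except ValueError:
        return None
    if (time.time() if now is None else now) >= expiry:
        return None
    expected = hmac.new(cookie_key(secret, stored_hash),
                        ("%s|%d" % (username, expiry)).encode(),
                        hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, expected):
        return None
    return username


def admin_page_access(auth_cookie, session_cookie, now=None):
    """Model of the combined scheme westi suggests.

    The long-lived auth cookie proves credentials were presented; the short
    session cookie is re-issued with a fresh expiry on every admin page
    access. Returns the new session cookie, or None if access is denied.
    """
    now = time.time() if now is None else now
    user = verify(auth_cookie, now=now)
    if user is None or verify(session_cookie, now=now) != user:
        return None
    return issue(user, SESSION_TTL, now=now)


if __name__ == "__main__":
    t0 = time.time()
    auth = issue("alice", AUTH_TTL, now=t0)
    session = issue("alice", SESSION_TTL, now=t0)
    print("fresh session accepted:", admin_page_access(auth, session, now=t0) is not None)
    print("idle past window rejected:", admin_page_access(auth, session, now=t0 + SESSION_TTL + 1) is None)
```

Both cookies are independent MACs over the same key, so the session cookie adds no new secret; what it adds is the short idle timeout, while the auth cookie keeps the hard limit. Changing `SECRET` invalidates every outstanding cookie, which is the lever an operator has after a database disclosure.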