[wp-trac] Re: [WordPress Trac] #3807: Admin Functions Denying Access with "You don't have permission to do that"

WordPress Trac wp-trac at lists.automattic.com
Mon Jun 4 20:35:14 GMT 2007


#3807: Admin Functions Denying Access with "You don't have permission to do that"
-----------------------------------------------+----------------------------
 Reporter:  seanwedig                          |        Owner:  anonymous   
     Type:  defect                             |       Status:  new         
 Priority:  normal                             |    Milestone:  2.4 (future)
Component:  Administration                     |      Version:  2.1         
 Severity:  major                              |   Resolution:              
 Keywords:  permissions has-patch 2nd-opinion  |  
-----------------------------------------------+----------------------------
Comment (by mdawaffe):

 To clarify, switching to use only $_COOKIE authentication (i.e. without
 nonces or the $_POST trick above) would be less secure and could open up a
 hole.

-- 
Ticket URL: <http://trac.wordpress.org/ticket/3807#comment:6>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list