[wp-trac] Re: [WordPress Trac] #3807: Admin Functions Denying
Access with "You don't have permission to do that"
WordPress Trac
wp-trac at lists.automattic.com
Mon Jun 4 20:35:14 GMT 2007
#3807: Admin Functions Denying Access with "You don't have permission to do that"
-----------------------------------------------+----------------------------
Reporter: seanwedig | Owner: anonymous
Type: defect | Status: new
Priority: normal | Milestone: 2.4 (future)
Component: Administration | Version: 2.1
Severity: major | Resolution:
Keywords: permissions has-patch 2nd-opinion |
-----------------------------------------------+----------------------------
Comment (by mdawaffe):
To clarify, switching to use only $_COOKIE authentication (i.e. without
nonces or the $_POST trick above) would be less secure and could open up a
hole.
--
Ticket URL: <http://trac.wordpress.org/ticket/3807#comment:6>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list