[wp-trac] [WordPress Trac] #11306: Option to disable theme/plugin editor
WordPress Trac
wp-trac at lists.automattic.com
Wed Dec 2 16:51:50 UTC 2009
#11306: Option to disable theme/plugin editor
-----------------------------+----------------------------------------------
Reporter: kchrist | Owner:
Type: feature request | Status: new
Priority: normal | Milestone: Unassigned
Component: General | Version:
Severity: normal | Keywords:
-----------------------------+----------------------------------------------
Allowing editing of executable code via a web interface is a potential
security risk.
In a suexec/suphp environment where the code runs as the user who owns it,
if a site's admin password has been compromised, an attacker can modify
theme/plugin files to execute arbitrary code. This can range from things
like adding spam links up to performing attacks on the server,
modifying/deleting other files owned by the same user, and so on.
This risk can be prevented by using mod_php instead of CGI, but that's
becoming rare in shared hosting environments. It can also be mitigated by
using strong passwords and taking security precautions, but let's
be honest, the vast majority of people don't.
I'd like to see a config option one could add to wp-config.php, something
like WP_DISABLE_CODE_EDITOR or whatever. Disabling the editor via a plugin
is useless because if an attacker has access to the WP admin, they can
disable plugins at will.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/11306>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
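What the proposed wp-config.php switch looks like in practice, as an added example that is not part of the ticket: DISALLOW_FILE_EDIT and DISALLOW_FILE_MODS are the constants later WordPress releases actually provide for this purpose (the ticket's "WP_DISABLE_CODE_EDITOR" was only a placeholder name). The helper function example_code_editor_allowed() is hypothetical and exists only to illustrate why a constant in wp-config.php holds up where a plugin or a database option does not.

```php
<?php
// Added example, not code from the ticket or from WordPress core.
// Put the define() lines in wp-config.php, above the "That's all, stop editing!"
// comment, so they are evaluated before the admin screens are built.

// Remove the Appearance > Editor and Plugins > Editor screens and the edit links,
// so a stolen admin session cannot write PHP into theme or plugin files.
define('DISALLOW_FILE_EDIT', true);

// Stronger: also block installing, updating and deleting themes and plugins from
// the admin (this implies DISALLOW_FILE_EDIT). Only use it when deployments and
// updates happen outside the admin, e.g. by the host or a deploy script.
define('DISALLOW_FILE_MODS', true);

/**
 * Hypothetical guard illustrating the ticket's point. A PHP constant defined in
 * wp-config.php cannot be changed from the admin UI: there is no settings page
 * for it and, with the editor gone, no way to rewrite wp-config.php from the
 * browser. A plugin or a wp_options row, by contrast, can be deactivated or
 * overwritten by anyone who already holds an administrator session.
 *
 * @return bool true if the code editor may be shown, false if it must stay off.
 */
function example_code_editor_allowed(): bool
{
    if (defined('DISALLOW_FILE_MODS') && DISALLOW_FILE_MODS) {
        return false; // no file modifications of any kind
    }
    if (defined('DISALLOW_FILE_EDIT') && DISALLOW_FILE_EDIT) {
        return false; // editor specifically disabled
    }
    return true;
}

// With the two define() calls above in place this always reports "disabled".
echo example_code_editor_allowed() ? "editor enabled\n" : "editor disabled\n";
```

On a suexec/suphp host the PHP process runs as the account that owns the files, so file permissions alone will not stop a compromised admin from writing through the editor; removing the editor from the admin is the control that works there. Verify the setting after a deploy by confirming the Editor entries are absent from the Appearance and Plugins menus.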