[wp-trac] [WordPress Trac] #11407: Make WP insist that the user upgrades the site after a certain amount of time
WordPress Trac
wp-trac at lists.automattic.com
Sat Dec 12 16:34:04 UTC 2009
#11407: Make WP insist that the user upgrades the site after a certain amount of
time
-------------------------------+--------------------------------------------
Reporter: Denis-de-Bernardy | Owner: ryan
Type: enhancement | Status: new
Priority: normal | Milestone: 3.0
Component: Security | Version:
Severity: normal | Keywords:
-------------------------------+--------------------------------------------
Comment(by Denis-de-Bernardy):
Replying to [comment:2 caesarsgrunt]:
> And this shouldn't be shown except for those with permissions allowing
them to upgrade; low-permission users should have an undisrupted admin
(with the current small notice at the top).
Actually, I tend to disagree here. Unless I'm mistaking, the latest series
of security issues all involved non-privileged users who escalated
themselves as admin users. So if we go the route of preventing the admin
area from working at all (which I'd +1, personally), it should really be
entirely, for every user.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/11407#comment:3>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list