[wp-trac] [WordPress Trac] #20195: Plugins uninstall.php
WordPress Trac
wp-trac at lists.automattic.com
Mon Apr 30 18:56:02 UTC 2012
#20195: Plugins uninstall.php
--------------------------+------------------------------
Reporter: wpsmith | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Plugins | Version:
Severity: major | Resolution:
Keywords: dev-feedback |
--------------------------+------------------------------
Comment (by wpsmith):
Using the constant WP_UNINSTALL_PLUGIN is a good idea. It definitely
prevents one from accessing the file directly. However, any plugin can set
WP_UNINSTALL_PLUGIN and uninstall plugins at their leisure without using
WP_Filesystem, which granted may not be secure, but it is also not the
best or recommended method. I was just thinking that a little hardening
wouldn't hurt.
I would also like to second scribu's suggestion to enable to customize the
uninstall with a custom message.
Replying to [comment:5 nacin]:
> Replying to [comment:4 lightningspirit]:
> > As they have access to a fully loaded WordPress environment they can
''fully'' execute uninstall.php. That can be a security break. I think we
should check for referer or use the nonces API too...
>
> No, this is not a security breach. The security breach is having access
to a fully loaded environment in the first place. Once they are there,
they can also fully execute raw database queries and delete files all they
want. Forget uninstall.php, how about $wpdb->query("DROP TABLE
$wpdb->posts")?
--
Ticket URL: <http://core.trac.wordpress.org/ticket/20195#comment:6>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list