[wp-trac] [WordPress Trac] #27052: Known admin user_id ( = 1 ) could lead to security problems and/or unwanted side-effects
WordPress Trac
noreply at wordpress.org
Sun Feb 9 10:19:07 UTC 2014
#27052: Known admin user_id ( = 1 ) could lead to security problems and/or unwanted side-effects
-------------------------------------------------+-------------------------
 Reporter:  ruud@…                               |       Owner:
     Type:  enhancement                          |      Status:  new
 Priority:  normal                               |   Milestone:  Awaiting Review
Component:  Upgrade/Install                      |     Version:  3.8
 Severity:  normal                               |  Resolution:
 Keywords:  has-patch needs-testing 2nd-opinion  |     Focuses:
-------------------------------------------------+-------------------------
Comment (by SergeyBiryukov):
Replying to [comment:4 ruud@…]:
> Also: when somehow an attacker has SQL injection 'capabilities' on your
> install, then a random admin user_id probably won't help out much, because
> via the user_meta table and a 'wp_capabilities' test for any serialized
> administrator object the attacker will still get an admin user_id.
Correct.
> Another security risk alley is when an attacker cannot do SQL
> injection, but can become any user by ID. In that scenario it is too easy
> to be an admin if you can still use ID=1.
It would still be trivial to find out an admin ID using a brute-force
attack.
So a random admin ID doesn't add any real protection and appears to be a
security through obscurity technique, which we generally don't endorse.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/27052#comment:5>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
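The two attacker scenarios discussed in this comment, as an added example that is not part of the ticket, the patch, or WordPress core: an attacker with SQL read access locates administrators through the serialized `wp_capabilities` rows in the usermeta table without ever guessing an ID, and an attacker who can act as an arbitrary user ID simply scans IDs against an "is this user an admin?" oracle. The in-memory SQLite schema, the `wp_` prefix, the user logins and the user IDs (including the randomised admin ID 48213) are constructed assumptions for the example; only the PHP-serialized capabilities layout (`a:1:{s:13:"administrator";b:1;}`) follows what WordPress actually stores.

```python
import re
import sqlite3

# Constructed sample data standing in for a WordPress wp_users / wp_usermeta
# pair. User IDs, logins and the "wp_" prefix are assumptions for this example;
# only the serialized wp_capabilities layout follows real WordPress.
SAMPLE_USERS = [
    (1, "first_user", "subscriber"),          # ID 1 is deliberately NOT an admin
    (37, "writer", "author"),
    (48213, "site_owner", "administrator"),   # "randomised" admin ID
    (48214, "backup_admin", "administrator"),
]

# Matches one role entry inside the serialized array: s:<len>:"<role>";b:<0|1>;
CAP_RE = re.compile(r's:\d+:"([^"]+)";b:([01]);')


def php_serialize_caps(role):
    """WordPress stores capabilities as a PHP-serialized array {role: true}."""
    return 'a:1:{s:%d:"%s";b:1;}' % (len(role), role)


def has_role(meta_value, role):
    """Decode the serialized capabilities array and check for a true role flag."""
    return any(name == role and flag == "1"
               for name, flag in CAP_RE.findall(meta_value))


def build_db(prefix="wp_"):
    """Create the minimal wp_users / wp_usermeta tables and load SAMPLE_USERS."""
    conn = sqlite3.connect(":memory:")
    conn.execute(f"CREATE TABLE {prefix}users (ID INTEGER PRIMARY KEY, user_login TEXT)")
    conn.execute(
        f"CREATE TABLE {prefix}usermeta (umeta_id INTEGER PRIMARY KEY AUTOINCREMENT, "
        "user_id INTEGER, meta_key TEXT, meta_value TEXT)"
    )
    for uid, login, role in SAMPLE_USERS:
        conn.execute(f"INSERT INTO {prefix}users VALUES (?, ?)", (uid, login))
        conn.execute(
            f"INSERT INTO {prefix}usermeta (user_id, meta_key, meta_value) VALUES (?, ?, ?)",
            (uid, f"{prefix}capabilities", php_serialize_caps(role)),
        )
    conn.commit()
    return conn


def admin_ids_via_usermeta(conn, prefix="wp_"):
    """Scenario 1 (SQL injection): the query an attacker with SQL read access
    runs. Every user whose serialized capabilities carry the administrator
    role is returned; the admin's user_id never has to be guessed."""
    rows = conn.execute(
        f"SELECT user_id FROM {prefix}usermeta WHERE meta_key = ? AND meta_value LIKE ?",
        (f"{prefix}capabilities", '%"administrator";b:1;%'),
    ).fetchall()
    return sorted(r[0] for r in rows)


def make_role_oracle(conn, prefix="wp_"):
    """Stand-in for the impersonation oracle of scenario 2: given a user ID,
    answer whether that user is an administrator."""
    def is_admin(uid):
        row = conn.execute(
            f"SELECT meta_value FROM {prefix}usermeta WHERE user_id = ? AND meta_key = ?",
            (uid, f"{prefix}capabilities"),
        ).fetchone()
        return row is not None and has_role(row[0], "administrator")
    return is_admin


def first_admin_by_bruteforce(is_admin, max_id=100000):
    """Scenario 2 (become any user by ID): sequential scan until the oracle
    reports an administrator. A random admin ID only moves the hit later."""
    for uid in range(1, max_id + 1):
        if is_admin(uid):
            return uid
    return None


if __name__ == "__main__":
    db = build_db()
    print("admin IDs via usermeta:", admin_ids_via_usermeta(db))
    print("first admin by ID scan:", first_admin_by_bruteforce(make_role_oracle(db)))
```

Both paths recover the administrator IDs (48213 and 48214) even though user_id 1 is an ordinary subscriber, which is the point of the comment: randomising the admin ID changes nothing for an attacker who can read the usermeta table, and only lengthens the scan for one who can impersonate users by ID.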