[wp-trac] [WordPress Trac] #52544: Removing database tables allows anyone to take over all website files
WordPress Trac
noreply at wordpress.org
Wed Mar 31 16:53:04 UTC 2021
#52544: Removing database tables allows anyone to take over all website files
-----------------------------+------------------------------
Reporter: winternetstudio | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Security | Version: 5.6.1
Severity: major | Resolution:
Keywords: | Focuses:
-----------------------------+------------------------------
Comment (by m0ze):
Replying to [comment:13 winternetstudio]:
> So you think WordPress couldn't care less about protecting against user
errors (or in your words, dumb users like me) even though it easily could.
If this is a very common mistake/error, why not? But when these are
isolated cases, then, rather, the users themselves need to be more
attentive to their own projects.
If you try to please every inexperienced or inattentive user, the engine
will acquire a lot of unnecessary options and warnings, as has already
happened with the theme and plugin editor, and with changing the website
administrator's email, and with some other functionality. In other words,
favorable conditions are created for a beginner to remain a beginner, and
this is a very bad vector for the development of any system.
Moreover, practice shows that such "safety" options help some users, but
start to interfere with others. The only humor is that no one will remove
the added options.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/52544#comment:14>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list