[NCUC E-team] E-team moving forward
Tapani Tarvainen
ncuc at tapani.tarvainen.info
Mon Apr 24 12:58:54 CEST 2017
On Apr 24 09:51, James Gannon (james at cyberinvasion.net) wrote:
> And I'll note that I raised issue with Tapani on the use of the PHP
> plugin that was why he sent the mail to the list, I don’t like using
> PHP injection even via short code as I see it as a security risk
Using Wordpress in the first place is a security risk. :-)
As for risks with this particular plugin:
* There could be bugs in the plugin code, of course. I don't see
that as significantly more likely or dangerous than bugs in other
plugins or the theme used, in particular not the kind of bugs that
could result in a security hole.
* There could be bugs in the actual PHP snippets used. This would be a
real danger if the snippets were large and complicated or poorly
written and accessible from without. The ones I now used, however,
are very simple and take no input from outside the server itself.
(I did think about possible attack vectors. I couldn't come up with
anything even close to as likely as a zero-day in WP core or Apache.)
* As far as I know there are no plans to allow comments or any other
arbitrary input from unauthorized sources, so even if the snippets
were buggy they could not be triggered in unplanned contexts by
attackers. (In general, comments and other free-to-world input forms
are the primary entry point for the vast majority of website attacks.
Without anything like that security is much easier.)
So I think the risk in this case is acceptably small.
And the site isn't in production yet, and this was a quick, easily
reversible change.
But of course we could do without the plugin or any other PHP code
insertion mechanisms if we want.
Besides the working team / mailing list sync now in place, the other
use for the snippets would be member listings and statistics.
If we decide those aren't needed then the problem goes away.
Or we could use some other mechanism for doing those. I can think of a
few, generally either more laborious to do or compromises in one way
or another. But I've obviously no objection if you want to implement
this in a safer way.
--
Tapani Tarvainen