[NCUC E-team] E-team moving forward

Tapani Tarvainen ncuc at tapani.tarvainen.info
Mon Apr 24 12:58:54 CEST 2017


On Apr 24 09:51, James Gannon (james at cyberinvasion.net) wrote:

> And I'll note that I raised issue with Tapani on the use of the PHP
> plugin that was why he sent the mail to the list, I don’t like using
> PHP injection even via short code as I see it as a security risk 

Using Wordpress in the first place is a security risk. :-)

As for risks with this particular plugin:

* There could be bugs in the plugin code, of course. I don't see
  that as significantly more likely or dangerous than bugs in other
  plugins or the theme used, in particular not the kind of bugs that
  could result in a security hole.

* There could be bugs in the actual PHP snippets used. This would be a
  real danger if the snippets were large and complicated or poorly
  written and accessible from without. The ones I now used, however,
  are very simple and take no input from outside the server itself.
  (I did think about possible attack vectors. I couldn't come up with
  anything even close to as likely as a zero-day in WP core or Apache.)

* As far as I know there are no plans to allow comments or any other
  arbitrary input from unauthorized sources, so even if the snippets
  were buggy they could not be triggered in unplanned contexts by
  attackers. (In general, comments and other free-to-world input forms
  are the primary entry point for the vast majority of website attacks.
  Without anything like that security is much easier.)

So I think the risk in this case is acceptably small.

And the site isn't in production yet, and this was a quick, easily
reversible change.

But of course we could do without the plugin or any other PHP code
insertion mechanisms if we want.

Besides the working team / mailing list sync now in place, the other
use for the snippets would be member listings and statistics.
If we decide those aren't needed then the problem goes away.

Or we could use some other mechanism for doing those. I can think of a
few, generally either more laborious to do or compromises in one way
or another. But I've obviously no objection if you want to implement
this in a safer way.

-- 
Tapani Tarvainen
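As an added illustration of the "takes no input from outside the server" property argued in the message above (example code written for this page, not code from the NCUC site or from the plugin under discussion; the shortcode name, the use of a WordPress mu-plugin, and counting users via count_users() as the "member statistics" case are assumptions):

```php
<?php
/**
 * Plugin Name: Member count shortcode (illustrative example)
 * Description: Renders [member_count] from server-side data only.
 */

// Abort if this file is loaded outside WordPress.
if (!defined('ABSPATH')) {
    exit;
}

/**
 * Shortcode handler for [member_count].
 *
 * The property the thread relies on: nothing caller-controlled reaches
 * the snippet. Shortcode attributes and enclosed content are ignored,
 * nothing is read from $_GET, $_POST or cookies, and the only data
 * source is WordPress's own user table via count_users().
 */
function ncuc_member_count_shortcode($atts = [], $content = null) {
    unset($atts, $content); // deliberately discard any outside input

    // Cache the count for an hour: one COUNT query is cheap, but caching
    // also means repeated page loads cannot turn into repeated queries.
    $total = get_transient('ncuc_member_count');
    if ($total === false) {
        $counts = count_users();                 // core WP, server-side only
        $total  = (int) $counts['total_users'];
        set_transient('ncuc_member_count', $total, HOUR_IN_SECONDS);
    }

    // Escape on output even though the value is an integer we produced.
    return esc_html((string) $total);
}
add_shortcode('member_count', 'ncuc_member_count_shortcode');
```

WordPress expands shortcodes in post content (the_content), not in comment text, so even with comments enabled this handler is not reachable from a comment unless something explicitly runs do_shortcode() over comments. The snippet's exposure is therefore limited to editors who can place the shortcode in a page.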