[wp-hackers] Disabling Tools->Export

Dion Hulse (dd32) wordpress at dd32.id.au
Wed Jun 27 13:37:41 UTC 2012


At the same time, any constant in core would simply be defaulting that
cap to false - which is exactly what the existing constants do
(DISALOW_FILE_EDIT, DISALOW_UNFILTERED_HTML, etc), any plugin could
technically override these or ignore them and do something anyway..
http://core.trac.wordpress.org/browser/trunk/wp-includes/capabilities.php#L1129
(So there you go, you should be using the map_meta_cap filter to deny
the cap on, not the one i posted before)

WordPress plugins come down to trust, you have to trust that a plugin
is doing something right..
The filter priorities are there not just for ordering of actions, but
to say "I really intend on this being the highest priority possible"..
plugins should more often than not, choose 15 rather than 100 as their
"higher than default" priority for example, you have to trust that a
plugin hasn't just said "Ok, lets run after the core code runs, lets
use 99999999.."



On 27 June 2012 23:24, Harry Metcalfe <harry at dxw.com> wrote:
> It's not so much that I'm concerned that it would happen maliciously -
> clearly, if they can install plugins, we're already screwed. It's more that
> a plugin we want to install might re-add the capability without us knowing.
>
> It is certainly not a major risk, but it is also not much work to mitigate
> it completely -- 3 lines of code and a paragraph on the codex.
>
> It just seems a bit fragile to use a plugin to enforce something that any
> other plugin could simply remove.
>
>
>
> On 27/06/12 14:19, Mike Little wrote:
>>
>> Also Harry, if someone has the ability to load and activate plugins, they
>> have the ability to extract the DB credentials from wp-config.php and
>> write
>> their own DB dump code. So no flag in the core of WordPress would prevent
>> that.
>>
>> Put your code to disable the functionality (and hide the menu if it helps)
>> in a must use plugin (wp-content/mu-plugins), and make it non-writable by
>> any users of the system (apache or any ftp users) -- I usually make the
>> file owned by root and read only.
>>
>> And don't allow any no-trusted users the ability to install plugins, by
>> any
>> means.
>>
>>
>> Mike
>
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers


More information about the wp-hackers mailing list