[wp-trac] [WordPress Trac] #12460: Overhaul of some multisite files
WordPress Trac
wp-trac at lists.automattic.com
Sat Apr 3 02:45:31 UTC 2010
#12460: Overhaul of some multisite files
-------------------------------+--------------------------------------------
Reporter: Denis-de-Bernardy | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: 3.0
Component: Multisite | Version: 3.0
Severity: normal | Keywords: has-patch
-------------------------------+--------------------------------------------
Comment(by wpmuguru):
Replying to [comment:15 nacin]:
> I thought about this, but I strongly disagree. The sitemeta value could
just as easily be updated via any "vulnerability."
If someone can get access to the database through a hack or vulnerability,
nothing can be done in the UI to prevent a knowledgeable hacker from
gaining access. IMO, the fact that it can be done another way doesn't
justify creating a second potential opportunity.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/12460#comment:17>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list