[wp-trac] [WordPress Trac] #25436: Permissions system.

WordPress Trac noreply at wordpress.org
Sat Sep 28 23:57:43 UTC 2013


#25436: Permissions system.
-----------------------------+----------------------
 Reporter:  trusktr          |       Owner:
     Type:  feature request  |      Status:  closed
 Priority:  normal           |   Milestone:
Component:  General          |     Version:
 Severity:  normal           |  Resolution:  wontfix
 Keywords:  close            |
-----------------------------+----------------------
Changes (by rmccue):

 * status:  new => closed
 * resolution:   => wontfix
 * milestone:  Awaiting Review =>


Comment:

 Replying to [comment:1 SergeyBiryukov]:
 > > It'd be nice if plugins had to specify certain permissions to access
 certain features of wordpress (IMHO, I'd like it) for more security.
 >
 > We have a system of [http://codex.wordpress.org/Roles_and_Capabilities
 roles and capabilities] that can be leveraged by plugins.

 I believe this is more about only making certain APIs available to
 plugins.

 Unfortunately, due to the structure of PHP and the way plugins work, this
 is not possible without rewriting the entire plugin system from scratch
 and using serious amounts of sandboxing. Whether this is even possible on
 99% of systems (i.e. those without runkit) is another question. I think it
 could be done, but not without serious amounts of programming resources
 and a huge redesign of our API, which just isn't going to happen.

 Closing as wontfix.

--
Ticket URL: <http://core.trac.wordpress.org/ticket/25436#comment:2>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list