[Fwd: Re: [wp-hackers] Critical WP Flaw?]

Geoff contact at veryeasy.ca
Thu Jul 27 10:56:48 GMT 2006


> Plugins need to be sure to put current_user_can() checks wherever access
> control is needed.  I think some authors were assuming that WP checks
> for them.  It does not. WP doesn't know what user level/capability the
> various parts of a plugin require.  An audit of plugins shows that some
> plugins have been making this assumption for a long, long time.
>
> Ryan

What should plugin authors be using as the capability to put into the
current_user_can() test?

Should there be a recommended default capability? ('activate_plugins'?)
Should plugin authors create an option where the user can select which
capability determines access to its administrative functions? Should
plugin authors be looking to create new capabilities in the system?

And are there examples of code for plugins to perform the capability check
with backwards compatibility with the user_level system as well? How soon
can plugin authors be educated on how to 'fix' their contributions?

Geoff
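
An added example of the pattern Geoff asks about (written for this page; it
is not code from the thread, from any plugin mentioned here, or from
WordPress core). It puts a current_user_can() check in every place the
plugin does something privileged (the menu gate alone is not access
control), falls back to the old $user_level global where current_user_can()
does not exist, and registers its own capability so a site owner can hand
it to other roles. The plugin slug "capcheck", the capability name
"manage_capcheck", the option name "capcheck_value" and the fallback level
threshold of 8 are assumptions made here, not anything the thread specifies.

```php
<?php
/*
Plugin Name: CapCheck (hypothetical example plugin)
Description: Shows where a plugin must do its own capability checks.
*/

// Assumed names: capability 'manage_capcheck' for the WP 2.0+ role/capability
// system; numeric level 8 as the threshold for the pre-2.0 user_level system.
define( 'CAPCHECK_CAP',   'manage_capcheck' );
define( 'CAPCHECK_LEVEL', 8 );

// True if the current user may use this plugin's administrative functions.
// Uses capabilities when current_user_can() exists (WP 2.0+) and otherwise
// falls back to the global $user_level set by get_currentuserinfo().
function capcheck_user_allowed() {
    if ( function_exists( 'current_user_can' ) ) {
        return current_user_can( CAPCHECK_CAP );
    }
    global $user_level;
    get_currentuserinfo();
    return isset( $user_level ) && (int) $user_level >= CAPCHECK_LEVEL;
}

// Stop the request unless the user is allowed. Call this at the top of every
// handler that reads or changes plugin state; WordPress does not do it for you.
function capcheck_require_access() {
    if ( capcheck_user_allowed() ) {
        return;
    }
    $msg = __( 'You do not have sufficient permissions to access this page.' );
    if ( function_exists( 'wp_die' ) ) {
        wp_die( $msg );
    }
    die( $msg );
}

// On activation, grant the custom capability to the administrator role. The
// owner can later add it to other roles without editing the plugin. Pre-2.0
// installs have no roles, so the level fallback above is all that applies.
function capcheck_activate() {
    if ( ! function_exists( 'get_role' ) ) {
        return;
    }
    $role = get_role( 'administrator' );
    if ( $role ) {
        $role->add_cap( CAPCHECK_CAP );
    }
}
if ( function_exists( 'register_activation_hook' ) ) {
    register_activation_hook( __FILE__, 'capcheck_activate' );
}

// The third argument of add_options_page() only decides whether the menu
// entry is shown (capability string on 2.0+, numeric level on 1.5). The page
// callback and every other handler still check for themselves.
function capcheck_admin_menu() {
    $gate = function_exists( 'current_user_can' ) ? CAPCHECK_CAP : CAPCHECK_LEVEL;
    add_options_page( 'CapCheck', 'CapCheck', $gate, __FILE__, 'capcheck_options_page' );
}
add_action( 'admin_menu', 'capcheck_admin_menu' );

// Options page: checks access first, then handles its own form submission.
// check_admin_referer()/wp_nonce_field() are used only where they exist.
function capcheck_options_page() {
    capcheck_require_access();
    if ( isset( $_POST['capcheck_value'] ) ) {
        if ( function_exists( 'check_admin_referer' ) ) {
            check_admin_referer( 'capcheck-save' );
        }
        update_option( 'capcheck_value', (int) $_POST['capcheck_value'] );
    }
    $value = (int) get_option( 'capcheck_value' );
    echo '<div class="wrap"><h2>CapCheck</h2><form method="post">';
    if ( function_exists( 'wp_nonce_field' ) ) {
        wp_nonce_field( 'capcheck-save' );
    }
    echo '<input type="text" name="capcheck_value" value="' . $value . '" /> ';
    echo '<input type="submit" value="Save" /></form></div>';
}

// A handler hooked on a generic action runs for every request that loads
// WordPress, including requests from subscribers or anonymous visitors, so it
// needs exactly the same check as the options page.
function capcheck_handle_reset() {
    if ( ! isset( $_GET['capcheck_reset'] ) ) {
        return;
    }
    capcheck_require_access();
    delete_option( 'capcheck_value' );
}
add_action( 'init', 'capcheck_handle_reset' );
```

The check fails closed: on a WP 2.0+ install where the activation hook never
ran (plugin files copied in by hand), nobody holds 'manage_capcheck' until an
administrator grants it, which is the safer default compared with a plugin
that assumes the menu gate is enough.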
