[wp-hackers] Su for WP: wp-su (Was: Possible security patch)

Lynne Pope lynne.pope at gmail.com
Mon Dec 7 01:03:21 UTC 2009


+1 from me. I think this sounds like a great idea. I don't believe it should
be part of core, but I'd definitely be recommending it to people. An extra
layer of security is always a good thing.

Cheers,
Lynne

2009/12/6 Dion Hulse (dd32) <wordpress at dd32.id.au>

> I thought of the same thing. And in the end, I thought, If i dont try,
> it'll never happen.
>
> Ultimately, Those who use it will be someone who's had WP installed by
> someone else, Or have googled on how to keep their installs secure i think..
> Originally it was more of a POC, but after talking to a few people about it,
> they saw the benefit of it.
>
> I myself, Do not actually abide by most of those security rules i listed..
> So i know theres definately a chunk of users out there for it :)
>
>
>
> On Sun, 06 Dec 2009 16:09:18 +1100, Steven Rossi <SuperMoonMan at gmail.com>
> wrote:
>
>  Sounds like a cool plugin which will certainly serve its purpose for users
>> that install it. The problem it might run into is that
>> getting-people-to-use-it part. People that know how this stuff works well
>> enough to realize they should be using something like this are probably
>> already using something like this--or at least being smart about their
>> usernames/passwords. Because really, something like this is definitely an
>> inconvenience, despite it providing valuable security. If you could get
>> the
>> message of the importance of this out there, I totally support your
>> plugin.
>>
>> Steven Rossi
>> http://www.letsmovetothemoon.com
>> http://www.stevenjrossi.com
>> http://www.twitter.com/supermoonman
>>
>> On Sat, Dec 5, 2009 at 11:55 PM, Dion Hulse (dd32) <wordpress at dd32.id.au
>> >wrote:
>>
>>  On Sun, 06 Dec 2009 15:29:44 +1100, Ian Stewart <ian at themeshaper.com>
>>> wrote:
>>>
>>>  The correct solution probably is to avoid
>>>
>>>> using the admin account for posting. I'd argue though that most people
>>>> do
>>>> use the admin account for posting and will continue to whether or not it
>>>> is
>>>> the correct solution. Even if they know it's the correct solution. Just
>>>> like
>>>> people choose to use weak passwords
>>>>
>>>>
>>> I've been working on a plugin the past few days for that exact reason,
>>> That
>>> a lot of users just use a Administrative account..
>>>
>>> The idea? Wp-Su
>>>
>>> Put simply, It adds an extra line of security to WordPress, No longer do
>>> you have an Administrative account, You have an account with minimal
>>> privledges -  Enough to let you write posts, edit posts, and do the
>>> majority
>>> of what you would do..
>>> But in the event that you wish to change a blog option, Theres no need to
>>> log out and log into the admin account, Just hit the Su link, Type in the
>>> extra password (Which can(should) differ from you user account password),
>>> and all the administrative features are open (For a predetermined time,
>>> 5minutes? 15, 30minutes).
>>>
>>> I've had some people ask me flat out, Whats the point. Just use a Editor
>>> account. OR Why? Arnt people just going to sniff the Su password as well?
>>>
>>> I came up with a simple list for that:
>>>  1. Users should never use accounts which have more privledges than they
>>> require
>>>  2. Users should only ever log into administrative accounts on
>>> computers/networks they trust 100%
>>>  3. Users should never use the same password for everything
>>>  4. Majority of keyloggers are generally only targetting User/password
>>> combinations
>>>
>>> How many people know of a user who doesnt follow 1-3?
>>> How many people know of a bank which no longer uses a username and
>>> password
>>> combo? And instead, Has an extra layer of security (Picture password for
>>> example, or SMS)? - Pretty much all of them.
>>>
>>> Currently.. My plugin is unreleased, However, will be out by the time 2.9
>>> ships, will require WP 2.9, and whilst the UI integration isnt as good as
>>> i'd like (due to WP shortcomings in filters at present), Uses a extra
>>> text
>>> password (instead of Pictures/phrases/whatever), and is presently mainly
>>> a
>>> proof of concept.
>>>
>>> Right now, The user enables the plugin, Selects which roles should have
>>> access to a Su environment, and select which caps should be protected by
>>> Su
>>> use (ie. Plugin, Blog, Theme and User options/edits should only be done
>>> by
>>> Su users, However Post publishing, page editing, etc can be done by a
>>> "normal" user).. I'm hoping to extend that to have a short wizard which
>>> prompts to user to set it up properly before release however.
>>>
>>> Thoughts? Anyone want the Beta? (Email me off list please - It could do
>>> with some security testing before release.. Not sure i got the User
>>> Cookie
>>> 100% right)
>>> _______________________________________________
>>> wp-hackers mailing list
>>> wp-hackers at lists.automattic.com
>>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>>>
>>>  _______________________________________________
>> wp-hackers mailing list
>> wp-hackers at lists.automattic.com
>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>>
>>
>
> --
> Using Opera's revolutionary e-mail client: http://www.opera.com/mail/
>
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>



-- 
http://twitter.com/elpie/


More information about the wp-hackers mailing list