[wp-trac] [WordPress Trac] #44230: Export Personal Data Flaw
WordPress Trac
noreply at wordpress.org
Wed Oct 19 18:48:43 UTC 2022
#44230: Export Personal Data Flaw
--------------------------+----------------------
Reporter: psycleuk | Owner: (none)
Type: defect (bug) | Status: closed
Priority: normal | Milestone:
Component: Privacy | Version: 4.9.6
Severity: major | Resolution: wontfix
Keywords: | Focuses:
--------------------------+----------------------
Changes (by iandunn):
* status: new => closed
* resolution: => wontfix
* milestone: Awaiting Review =>
Comment:
Calling the brute-force-resistant file names security-through-obscurity
seems analogous to saying that HTTPS traffic on a WiFi network is open to
anyone. It's true that ''technically'' anybody can read it, but ''in
practice'' the encryption makes it secure enough for common use.
Mitigations have to adapt to fit the circumstances, and a formal ACL would
add extra complexity and degrade UX without adding any tangible benefit.
WP is [https://wordpress.org/about/philosophy/ designed for the majority],
but the beauty of the plugin system is that anybody can write something to
add additional security here for environments that require it.
If you feel like this affects the majority, then I'd challenge you to
produce a PoC that demonstrates it in the wild. If you can, then we could
definitely consider adding stronger measures! If you are able to, please
share it privately on https://hackerone.com/wordpress, so we can add those
measures before the PoC becomes public.
The file-deletion vulnerability you mentioned was fixed in `4.9.7`. The
`index.html` file was renamed to `index.php` in #52299 to protect against
the configurations you mentioned.
I'm going to close this since it seems like there's a consensus among
component maintainers and committers. That just means there isn't anything
actionable right now, though. We can continue discussing it, and could
reopen this if a compelling argument is made or new information is
presented.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/44230#comment:11>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
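The comment above distinguishes a file name that is merely obscure from one that is brute-force-resistant. The following added example (not WordPress core code, and not from the ticket) makes that distinction measurable: it generates an export file name from a CSPRNG token and computes the keyspace and expected guessing time for a given request rate, so a reviewer can decide whether a chosen token length is adequate. The `wp-personal-data-file-` prefix, the 36-symbol alphabet, and the 32-character default are assumptions for illustration, not a statement of how core builds its file names.

```python
import math
import secrets
import string

# Assumed alphabet and token length for an unguessable export file name.
# (Constructed for this example; not taken from WordPress core.)
ALPHABET = string.ascii_lowercase + string.digits  # 36 symbols
DEFAULT_TOKEN_LEN = 32
SECONDS_PER_YEAR = 365 * 24 * 3600


def make_export_filename(user_slug: str, token_len: int = DEFAULT_TOKEN_LEN) -> str:
    """Build an export file name whose only secret is a CSPRNG token.

    secrets.choice draws from os.urandom, so the token is unpredictable
    even to someone who knows the user slug and the naming scheme.
    """
    token = "".join(secrets.choice(ALPHABET) for _ in range(token_len))
    return f"wp-personal-data-file-{user_slug}-{token}.zip"


def token_from_filename(filename: str) -> str:
    """Extract the random token from a name produced by make_export_filename."""
    stem = filename.rsplit(".", 1)[0]
    return stem.rsplit("-", 1)[1]


def keyspace_bits(token_len: int = DEFAULT_TOKEN_LEN) -> float:
    """Entropy of the token in bits: token_len * log2(alphabet size)."""
    return token_len * math.log2(len(ALPHABET))


def expected_years_to_guess(token_len: int, guesses_per_second: float) -> float:
    """Expected time to hit a specific token by blind guessing.

    On average an attacker succeeds after trying half the keyspace.
    Rate limiting on the server only lowers guesses_per_second further.
    """
    expected_guesses = (len(ALPHABET) ** token_len) / 2
    return expected_guesses / guesses_per_second / SECONDS_PER_YEAR


def is_brute_force_resistant(token_len: int,
                             guesses_per_second: float,
                             horizon_years: float = 100.0) -> bool:
    """True if blind guessing is expected to take longer than the horizon.

    This is the property the comment calls 'brute-force-resistant' as opposed
    to 'security through obscurity': the scheme is public, only the token
    is secret, and the secret is large enough that guessing is infeasible.
    """
    return expected_years_to_guess(token_len, guesses_per_second) > horizon_years


if __name__ == "__main__":
    name = make_export_filename("alice")
    print(name)
    print(f"token entropy: {keyspace_bits():.1f} bits")
    # Assumed attacker budget: one billion HTTP requests per second, sustained.
    print(f"expected years at 1e9 req/s, 32 chars: "
          f"{expected_years_to_guess(32, 1e9):.3e}")
    print(f"resistant (32 chars): {is_brute_force_resistant(32, 1e9)}")
    print(f"resistant (4 chars):  {is_brute_force_resistant(4, 1e9)}")
```

The check worth keeping from this is `is_brute_force_resistant`: a 4-character token is obscurity (guessable in well under a second at the assumed rate), while a 32-character token from this alphabet carries about 165 bits and is out of reach regardless of request rate, which is the point the comment makes when it contrasts the two terms.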