[pmwiki-users] read password information leak

Patrick R. Michaud pmichaud at pobox.com
Mon Mar 7 11:51:15 CST 2005


On Mon, Mar 07, 2005 at 12:29:47PM -0500, Neil Herber wrote:
> The read password does not appear to suppress protected pagenames or 
> groupnames for "action=refcount".

No, it doesn't.  Refcount is already such a slow and server-heavy
operation that I didn't want to burden it further with password checking.  
This is also why it's not enabled by default in the distribution,
because it does have the potential to leak information.

I also think it could become highly misleading -- i.e., it might
indicate that a page has no links to it when in fact there are
read-protected pages that are linking to it but were suppressed
due to permissions.

I think that if this much security is needed, then the site admin
should probably look to limiting access to refcount.php or using a
farm/field.  That said, I suppose I could write refcount to honor
the $EnablePageListProtect variable, but this really opens the
door to some confusing results.

Pm


