[pmwiki-users] [pmwiki-devel] Security issues: Disabling action=source & action=diff?
Tegan Dowling
tmdowling at gmail.com
Tue Dec 5 17:49:53 CST 2006
On 12/5/06, christian.ridderstrom at gmail.com
<christian.ridderstrom at gmail.com> wrote:
> On Tue, 5 Dec 2006, Crisses wrote:
>
> > Anyone against this? For it? Want to help? Want to do it instead? :)
>
> I don't think action=source should be blocked by default.
>
> Here are two "proper" uses for action=source:
> * Editing pages with an external editor (would then require edit access)
> * "Including" wiki pages between wikis
This is all in the docs. In config.php, you can globally set either
diff or source to require the same permissions as another,
typically-passworded action (edit or admin), as D. Faure's
instructions above explain, with
$HandleAuth['diff'] = $HandleAuth['source'] = 'edit';
You can also give each one its own action authorization rules, which
can be controlled on a per-group or per-page, ?action=attr setting,
per http://www.pmwiki.org/wiki/PmWiki/PasswordsAdmin, which says:
**********************************
The full set of steps to add new password handling for an action such
as "diff" would be:
# add a new (encrypted) field to the attr page
$PageAttributes['passwddiff'] = '$[Set new history password]';
# clear the default password for 'diff'
$DefaultPasswords['diff'] = '';
# Tell PmWiki that the 'diff' password allows action 'diff'.
$HandleAuth['diff'] = 'diff';
# Tell PmWiki that a 'read' password
# (or optionally the 'edit') password
# is also sufficient to enable 'diff'.
# Of course, the 'admin' password will work too.
$AuthCascade['diff'] = 'read'; ## or 'edit'
**********************************
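As an added illustration (not from the PasswordsAdmin page and not part of this thread), here is the same set of steps applied to both actions under discussion, 'diff' and 'source', in one local/config.php fragment. It assumes a stock PmWiki install; the only PmWiki variables it touches are the four named in the quoted instructions ($PageAttributes, $DefaultPasswords, $HandleAuth and $AuthCascade). The loop variable is deliberately not called $action, because PmWiki already uses that global for the action of the current request.

```php
<?php
// local/config.php fragment (added example, not PmWiki's own code).
// Give 'diff' and 'source' their own per-page/per-group password, settable
// through ?action=attr, while the 'edit' password (and 'admin') still
// unlocks both. Do not name the loop variable $action: PmWiki's pmwiki.php
// has already set $action to the current request's action before including
// this file, and overwriting it would change which action gets handled.
foreach (array('diff', 'source') as $act) {
    // 1. New encrypted field on the attr page. Single quotes keep the
    //    "$[...]" translation marker literal, as in the PasswordsAdmin docs.
    $PageAttributes['passwd' . $act] = '$[Set new ' . $act . ' password]';

    // 2. Clear the site-wide default so the per-page attribute decides.
    $DefaultPasswords[$act] = '';

    // 3. The 'diff' password allows 'diff'; the 'source' password allows 'source'.
    $HandleAuth[$act] = $act;

    // 4. Anyone who already holds 'edit' on the page may also view its
    //    history and source. Use 'read' here instead to keep the looser
    //    behaviour Christian argues for above (source readable by readers).
    $AuthCascade[$act] = 'edit';
}
```

After adding this, check the result the way an admin would: open ?action=attr on a page, set the new history or source password, then confirm that ?action=diff and ?action=source on that page prompt for a password while ?action=browse still does not. The one-line $HandleAuth['diff'] = $HandleAuth['source'] = 'edit'; from earlier in the thread remains the simpler choice when no separate password is wanted.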
With all of these controls available to an admin, I doubt that
changing the default would be necessary?