[pmwiki-users] adding cookbook script

Patrick R. Michaud pmichaud at pobox.com
Sun Feb 24 16:26:00 CST 2008


On Sun, Feb 24, 2008 at 11:19:19PM +0100, Christophe David wrote:
> >  A similar argument goes for storing parts of config.php into
> >  a wiki page -- it means that someone who is able to modify
> >  those pages somehow can start executing arbitrary scripts
> >  on the server.  There may be cases where this would be
> >  okay, but in the general case I think it's too big a
> >  security risk for the core.
> 
> Maybe an alternative would be to only allow loading (including)
> cookbooks from SiteAdmin.Config (no other PHP code).  The Farm Admin
> could copy to $FarmD/Cookbook all recipes he is prepared to see
> running on his farm, and the Field Admin could load them.
> 
> Going this route, what about having a markup (:cookbook xyz:) that
> would include_once the recipe passed as parameter?  This way, recipes
> could be loaded for specific pages, groups, etc.

- How many cookbook recipes are typically included that don't
  require any additional configuration or settings?  This is
  not a rhetorical question -- I really don't have a feel for
  how many times a recipe consists of precisely the steps
  (1) download script, (2) add include_once() line.

- Using a markup like (:cookbook xyz:) to indicate loading a recipe
  often occurs too late to do any good.  Markups aren't processed
  until after the system has already decided that (1) we are
  browsing the page and (2) the visitor has read permission to
  the page.  Any recipe that adds new actions, modifies existing
  actions, changes page security, or otherwise affects page handling
  will have to be loaded long before we start processing a page's
  markup.

> This markup should have to be enabled by the Farm Admin.  When
> enabled, the only thing users could do is to load an already approved
> cookbook.
> 
> Would it not make life easier for many users?

How many "users" are there who are administering wikis but aren't
the farm admin?

Pm
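As an added illustration (not PmWiki code, nor the code of the proposal above) of what the "only already-approved cookbooks" idea looks like when done on the config.php side, where it still runs before page handling rather than at markup time; $FarmD is PmWiki's farm variable, the $FarmD/Cookbook directory follows the mail, and $ApprovedRecipes and LoadApprovedRecipe are hypothetical names:

```php
<?php
// Added example, not part of PmWiki: an allow-list recipe loader intended to be
// called from config.php, i.e. before actions, permissions and page handling
// are decided, so recipes that change those still take effect.
// Assumptions: $FarmD is already set by the farm setup; $ApprovedRecipes is the
// farm admin's list of recipes copied into $FarmD/Cookbook (hypothetical names).

$ApprovedRecipes = array('totalcounter', 'pagetoc');   // maintained by the farm admin

function LoadApprovedRecipe($name) {
  global $FarmD, $ApprovedRecipes;
  // Accept only a bare recipe name: no slashes, dots or NUL bytes, so a value
  // such as "../local/config" or "x.php\0" can never point outside the directory.
  if (!preg_match('/^[A-Za-z0-9_-]+$/', $name)) return false;
  // The name must be on the approved list; "file exists" alone is not enough,
  // since the field admin should not be able to load arbitrary files.
  if (!in_array($name, $ApprovedRecipes, true)) return false;
  $base = realpath("$FarmD/Cookbook");
  $path = realpath("$FarmD/Cookbook/$name.php");
  // realpath() resolves symlinks; the resolved file must still sit under $base.
  if ($base === false || $path === false) return false;
  if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) return false;
  include_once($path);
  return true;
}

// A field admin's requested list: the second entry is silently rejected.
foreach (array('totalcounter', '../../config') as $r) {
  LoadApprovedRecipe($r);
}
```

The recipe-name list can come from wherever the admin chooses, but the check stays the same: pattern, allow-list, then resolved path, and only then include_once.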


