Re: Remove PHP filter by default
Why is the existing option to disable this or limit it to certain roles not sufficient? One simply has to go to admin/filters and click disable if they don't want it. Perhaps the documentation or install instructions need to be enhanced to have a chapter about security (i.e., if you want to secure your site, here are all the things you can do and their impact). As others have said, just because you are writing PHP doesn't mean you are coding functionality; you may just be trying to generate dynamic content on your site in a block or something. That is something Drupal should allow and you should need to write a module to do that. Drupal is not exclusively used by people that can get in there and upload files to their FTP server. If that was to be offered as a "more secure" way of doing things, that is fine, but it should be an administrator's choice; it shouldn't be required.
On Sun, 29 Jan 2006 21:32:46 +0100, Raven Brooks <raven.brooks@buyblue.org> wrote:
> Why is the existing option to disable this or limit it to certain roles not sufficient?
Because it takes exactly one badly written module to unleash hell. Yes, it happened in the past. If the gun is not there, you can't shoot.
Regards, NK
Karoly Negyesi wrote:
> On Sun, 29 Jan 2006 21:32:46 +0100, Raven Brooks <raven.brooks@buyblue.org> wrote:
>> Why is the existing option to disable this or limit it to certain roles not sufficient?
> Because it takes exactly one badly written module to unleash hell. Yes, it happened in the past.
Removing this filter is not going to fix *that* problem. Without the PHP filter, I can still write a completely broken module that will unleash hell. This is a good reason for having a quality module evaluation scheme. Don't use modules that are poorly written if you want security. ..chrisxj
On Sunday 29 January 2006 21:32, Raven Brooks wrote:
> One simply has to go to admin/filters and click disable if they don't want it.
The problem occurs when you have a lot of sites, and do not want *anyone* to run PHP. You have to disable not only the PHP input, but also the ability for people to switch it on. Which means you have to seriously restrict all their permissions. Same goes for when you *do* want Joe Moderator of your site to be able to administer certain areas (like users) but definitely not to give them the option to run code.
Bèr
-- [ End user Drupal services and hosting | Sympal.nl ]
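One way to run the two checks Bèr describes against a site's database, as an added example rather than anything from the thread or from Drupal's own code. It assumes a Drupal 4.7/5-era MySQL schema (filter_formats with a comma-separated roles column, filters, role, permission with a comma-separated perm column, users_roles), that the PHP evaluator is the filter module's delta 1, and that the table prefix is empty; each of those is an assumption to confirm against the install before trusting the result.

```sql
-- Constructed audit queries; assumed Drupal 4.7/5-era schema and an
-- empty table prefix. Verify the PHP evaluator's module/delta in your
-- filter module before relying on the delta = 1 assumption.

-- 1. Which input formats still run the PHP evaluator, and which roles may
--    use them? A role listed here gets code execution by posting content.
--    LEFT JOIN so a format with no roles at all still shows up.
SELECT f.format,
       f.name AS format_name,
       r.rid,
       r.name AS role_name
FROM filter_formats f
JOIN filters fl ON fl.format = f.format
LEFT JOIN role r ON FIND_IN_SET(r.rid, f.roles) > 0
WHERE fl.module = 'filter'
  AND fl.delta = 1
ORDER BY f.format, r.rid;

-- 2. Which roles can switch it back on? 'administer filters' lets a role
--    edit formats and attach the PHP evaluator to any of them, so a
--    moderator who only needs 'administer users' must not appear here.
--    REPLACE normalises the ", " separator so FIND_IN_SET matches exactly.
SELECT r.rid,
       r.name AS role_name,
       COUNT(ur.uid) AS members
FROM role r
JOIN permission p ON p.rid = r.rid
LEFT JOIN users_roles ur ON ur.rid = r.rid
WHERE FIND_IN_SET('administer filters', REPLACE(p.perm, ', ', ',')) > 0
GROUP BY r.rid, r.name
ORDER BY r.rid;

-- 3. Once the audit is understood, remove the evaluator from every format
--    so content in those formats renders without going through eval().
--    Back up the filters table first; this is a one-line change to undo.
DELETE FROM filters
WHERE module = 'filter'
  AND delta = 1;
```

The default input format (the filter_default_format variable) is usable by every role whatever its roles column says, so any format returned by the first query that is also the default should be read as reachable by everyone. An empty first result means the PHP input is off; a second result that lists only the site admin role means nobody else can turn it back on, which is the combination Bèr is after for a fleet of sites.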
participants (4):
- Bèr Kessels
- Chris Johnson
- Karoly Negyesi
- Raven Brooks