Thanks for your reply.
On Wed, Nov 21, 2007 at 12:41:26PM +0100, Saint-Genest Gwenael wrote:
Hugo Mills wrote: (snip)
Themes.
From my limited investigation so far, it seems that Drupal themes
are basically PHP. Allowing users to upload themes directly is therefore a no-no. Is there a non-executable type of theme that we can support direct uploads for safely, or will all uploaded themes have to be audited before we allow them up? How flexible would the system be if we were to prevent theme uploads completely?
I think, for the moment, all drupal themes must contain PHP code.
Unfortunate, but not unexpected.
Maybe you can pre-install some popular theme and suggest user to request other themes by mail to admin ? Maybe you can use some themes from themegarden ?
Yes, we'll probably pre-install a bunch of themes for people to use anyway (and install others on request). I can forsee some people having issues with not being able to upload their own themes, but we have a less-secure provisioning for that.
For more flexibility to can allow users to upload personal imagesfor theme.
OK, I'll have a play with that.
What else have I forgotten or overlooked?
The chances of having a malicious user are probably fairly small in
this set-up, but I'd like to keep it as "clean" as possible, so pointing out any other glaring holes that would allow a site administrator to execute arbitrary code on the server would be useful.
I've never use multisite-mode but i'm interested by your experiencereturn.
If I ever get this system up and running sensibly, I'll try to write up what we had to do to get it to work, and circulate it to the relevant communities.
Hugo.