Modify ↓
Opened 17 years ago
Closed 17 years ago
#5450 closed defect (fixed)
administrator cannot disable hdfdump
| Reported by: | quasistoic | Owned by: | Alec Thomas |
|---|---|---|---|
| Priority: | high | Milestone: | 0.11 |
| Component: | general | Version: | devel |
| Severity: | major | Keywords: | hdfdump trac-admin |
| Cc: | Branch: | ||
| Release Notes: | |||
| API Changes: | |||
| Internal Changes: | |||
Description
From as far back as revision 2078 to the time of this posting, there's been a FIXME note in source:/trunk/trac/web/api.py mentioning that administrators should be able to disable hdfdumps.
As far as I can tell, this issue was first brought up back in comment:ticket:51:6 but there was never any followup.
I do find it disturbing that anyone can visit any installation of trac, and regardless of the permissions afforded to the anonymous user, can append ?hdfdump=1 to obtain a good amount of sensitive information. http://trac.edgewall.org/wiki/?hdfdump=1
Attachments (0)
Change History (6)
comment:1 by , 17 years ago
comment:2 by , 17 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
Fixed in r5636. hdfdump now requires TRAC_ADMIN.
comment:4 by , 17 years ago
| Resolution: | fixed |
|---|---|
| Status: | closed → reopened |
comment:5 by , 17 years ago
| Milestone: | → 0.11 |
|---|---|
| Owner: | changed from to |
| Status: | reopened → new |
| Version: | → devel |
comment:6 by , 17 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
Note:
See TracTickets
for help on using tickets.
I've found that by commenting out lines 326-329 in source:/trunk/trac/web/api.py@5556#L326 and altering the whitespace on line 330 appropriately, I can disable hdfdumps in the case of a permission error, which solves my problem at the moment, namely:
If I've removed all permissions granted to anonymous, I want to make sure that anonymous cannot execute an hdfdump.
Still, it would be useful to build an option into the trac.ini file or something.