Textpattern CMS support forum
You are not logged in. Register | Login | Help
- Topics: Active | Unanswered
Re: Textpattern CMS demo site
etc wrote #282229:
Without any protection, a plugin could empty, or maybe even drop a txp table. That’s enough to crash the site.
True. I’m still weighing up the risk/benefit for having plugin upload enabled. Potentially, the site(s) could be down/broken for 3 hours, then be restored and come back to life. Is that too much of a risk? The 3 hour window is trivial to change, of course – and perhaps a ‘report broken site’ link might be in order to have it restored ahead of time …which raises the question of getting around that and just shortening the rebuild interval to 1 or 2 hours.
Offline
Re: Textpattern CMS demo site
gaekwad wrote #282231:
Potentially, the site(s) could be down/broken for 3 hours, then be restored and come back to life. Is that too much of a risk?
I’d say — wait and see — but plugins open the gate to php scripting, and who knows how much harm can be done to the server in 3 hours?
Offline
Re: Textpattern CMS demo site
etc wrote #282232:
plugins open the gate to php scripting
True, but inside an Article or Page or Form:
<txp:php>
safe_query('drop txp_users;');
</txp:php>
and boom, everyone’s gone. You can’t get round that unless you disable PHP in pages and articles and then remove access to Admin->Preferences so it can’t be changed. It’s beginning to sound like less of a demo and more of a ‘look at the interface… you just can’t do anything’ :-p
So, either:
- allow plugins and PHP, or
- block both and remove Prefs access
Like Pete says, a sandbox environment with no external access that rebuilds The Matrix every few hours. Where’s the incentive to do harm? And a report link is a great idea to initiate a premature rebuild… once the timer is in place since it’ll get out of sync with the schedule.
EDIT: Although not the strictest use of it as a demo site, one argument I can think of for keeping plugins is so users who want to upgrade to the latest version, but haven’t for fear of plugin incompatibility, can install legacy plugins and try them out to see if they run OK (or try new versions to check they still fulfil their needs). Same goes for the dev platform: a handy testbed to see what might break with existing plugins, which might also be used as a feedback loop to us so we can address potential problems earlier.
The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.
Txp Builders – finely-crafted code, design and Txp
Offline
Re: Textpattern CMS demo site
Bloke wrote #282233:
True, but inside an Article or Page or Form:
<txp:php>...
and boom, everyone’s gone. … Like Pete says, a sandbox environment with no external access that rebuilds The Matrix every few hours. Where’s the incentive to do harm?
Wish Jukka were here :) Not sure, but 3-hours spamming could be enough to get blacklisted. Bad stuff uploading/distribution is probably possible too. I would totally disarm php()
function (in the demo core) and disable plugin install. Or install a collection of “official” ones, maybe creating permanent accounts for authors. But let’s wait and see.
Offline
Re: Textpattern CMS demo site
etc wrote #282234:
Not sure, but 3-hours spamming could be enough to get blacklisted.
Oh, I’m certain 3 hours is more than enough to get blacklisted – but there’s no MTA installed. Email is disabled.
Offline
Re: Textpattern CMS demo site
Bloke wrote #282233:
And a report link is a great idea to initiate a premature rebuild… once the timer is in place since it’ll get out of sync with the schedule.
Link added. Countdown timer to follow.
Offline
Offline
Re: Textpattern CMS demo site
etc wrote #282238:
One can post spam to websites.
Please excuse my ignorance, Oleg – you mean comment spam on other website articles with a URL link to the demo site?
Offline
Re: Textpattern CMS demo site
gaekwad wrote #282239:
you mean comment spam on other website articles with a URL link to the demo site?
Pete, I mean posting comment spam to external websites from your demo site, file_get_contents
function does it quite easily. Or even conduct a DoS attack. Or I’m paranoiac :)
Offline
Re: Textpattern CMS demo site
etc wrote #282241:
Pete, I mean posting comment spam to external websites from your demo site,
file_get_contents
function does it quite easily. Or even conduct a DoS attack. Or I’m paranoiac :)
Ah, OK – thanks for the clarification. A firewall preventing all external connections would mitigate that, right?
Offline
Offline
Re: Textpattern CMS demo site
etc wrote #282243:
Quite possible, I’m network dilettante. An expert advice is welcome.
+1. Your input is very valuable, so thank you for sharing your concerns.
I have firewalled the server. Incoming connections outside of port 80 and the (non-standard) ssh port are blocked. All outgoing connections outside of Subversion are blocked.
Last edited by gaekwad (2014-07-18 09:17:56)
Offline