on the security of this plugin..

master
Joey Hess 2008-07-29 16:19:53 -04:00
parent b8d3c83ee0
commit e2612c7873
1 changed files with 17 additions and 0 deletions

View File

@ -0,0 +1,17 @@
The security of this plugin scares me. As noted in the plugin
documentation, you basically have to use it with SSL, since snooping on the
login password doesn't give you an essentially useless account -- it gives
you an actual account on the machine!
Also, apparently pwauth defers *all* auth attempts if one fails, and it
does this by using a lock file, and sleeping after a failed auth attempt.
Which is needed to avoid brute-forcing, since this is a significant
password.. but how will that interact with ikiwiki? Well, ikiwiki _also_
uses a lock file. So, at a minimum, someone can not only try to brute-force
the pwauth password, but the ikiwiki processes that stack up due to that
will also keep ikiwiki's lock held. Which basically DOSes the wiki for
everyone else; noone else can try to log in, or log out, or edit a page,
all of which require taking the lock.
So I don't think I'll be accepting this plugin into ikiwiki itself..
--[[Joey]]