Ticket #480 (closed enhancement: wontfix)

Opened 2 years ago

Last modified 10 months ago

/wp-admin/theme-editor.php is missing in trunk

Reported by: RavanH Assigned to: somebody
Priority: normal Milestone:
Component: component1 Version:
Severity: normal Keywords:
Cc:

Description

Is the file missing on purpose? If so, people should be warned that the plugin UserThemes depends on the file and they should keep the one from a previous install. The 1.2.5 version seems to work, but I haven't tested it fully.

Change History

10/26/07 14:00:43 changed by donncha

  • status changed from new to closed.
  • resolution set to fixed.

Yes, it's missing on purpose. There is no reason why a theme should be edited through it. That User Themes plugin is a security risk if I'm reading the description at http://wpmudev.org/project/User-Themes it appears to allow any blog admin to edit the themes. As some comments on that page point out, those themes are PHP and you're just asking for trouble installing that plugin!

10/26/07 21:00:36 changed by RavanH

ok, i will have to stick with the old theme-editor.php then...

i can relate to the risk involved when the system is used for public sign-up. but please, let me assess the risk i take myself. to be clear: i am not working with wp_mu as a public service but only with a limited set of people that can be trusted to operate carefully when maintaining their blogs. is wp_mu only supposed to be used for free and unlimited sign-up???

01/16/08 16:47:29 changed by axelseaa

I agree with RavanH. I would like to see this file come back into the source, placing the responsibility on the user. There are a lot of installations that I can see benefiting from this.

The biggest issue with using the older version is that it's highly likely it will break in the future. It would be nice to see it in the source and maintained by the WPMU team.

01/16/08 20:38:46 changed by donncha

Sorry, there's no good reason for normal users to edit php files. For special cases where you absolutely trust your users not to mess up your server then get the file from regular WP.

If WPMU did ship this file it might encourage admins who don't understand fully the consequences of editing themes to enable it or use that plugin above.

08/29/08 01:18:51 changed by rcain

  • status changed from closed to reopened.
  • type changed from defect to enhancement.
  • resolution deleted.

I also totally agree with RavanH and axelseaa.

The issue of security should be handled by 'roles' and 'capabilities' management.

Themes editing is so fundamental that it should be incorporated as part of core release, otherwise you are just inviting a load of uncontrolled and unmaintainable hacks and plugins.

If engineering a per-blog admin solution is difficult, then simply enable it only for the super admin - this makes it no more of a security risk than on standard (non-mu) WordPress.

re. Donncha's last point - provide a warning then, and if you are an admin who can't understand that, you shouldn't be using mu in the first place. IMO, one of the best points of WP is that it hasn't yet been obscured or overcomplicated, and it does that by leaving good php code visible, readable and accessible to change by admins ('php is its own template').

Can we raise this on a wish-list anywhere (oops, think i just have)?

Otherwise, thanks for an outstanding product. Appreciate your work.
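As an added illustration of the roles-and-capabilities approach rcain proposes above (limiting theme-file editing to the network super admin), here is a small mu-plugin. This is example code written for this page, not code from the ticket, from WordPress MU or from the User Themes plugin. It relies only on WordPress core hooks and functions (`admin_init`, `map_meta_cap`, `is_super_admin()`, `wp_die()`, the `$pagenow` global and the `do_not_allow` capability sentinel); the plugin name and the wording of the error message are made up for the example.

```php
<?php
/*
Plugin Name: Restrict theme editor to super admins (illustrative example)
Description: Gate theme-editor.php and the edit_themes capability behind is_super_admin().
*/

// Defender-side illustration only: it is not the ticket's code and not part of WPMU.

// 1. Refuse direct requests to the theme editor screen from anyone who is not
//    a super admin. Editing a PHP theme file is equivalent to running arbitrary
//    code on the server, so the check is on the network-level role, not the
//    per-blog "administrator" role.
add_action( 'admin_init', function () {
    global $pagenow;
    if ( 'theme-editor.php' === $pagenow && ! is_super_admin() ) {
        wp_die(
            __( 'Editing theme files is restricted to the network administrator.' ),
            '',
            array( 'response' => 403 )
        );
    }
} );

// 2. Deny the underlying capabilities as well, so that menu entries and every
//    other code path that calls current_user_can( 'edit_themes' ) (or the
//    related plugin/file editing caps) also reject ordinary blog admins.
//    map_meta_cap passes ( $caps, $cap, $user_id, $args ); appending
//    'do_not_allow' is core's own way of forcing a capability check to fail.
add_filter( 'map_meta_cap', function ( $caps, $cap, $user_id ) {
    $file_editing_caps = array( 'edit_themes', 'edit_plugins', 'edit_files' );
    if ( in_array( $cap, $file_editing_caps, true ) && ! is_super_admin( $user_id ) ) {
        $caps[] = 'do_not_allow';
    }
    return $caps;
}, 10, 3 );
```

Dropped into `wp-content/mu-plugins/`, this keeps the editor available to the one role that already has shell-equivalent access to the server while denying it to per-blog admins, which is the "no more risk than single-site WordPress" position argued for above. Note that even the super admin path still executes whatever PHP is saved, so this gates who may edit, it does not make the editing itself safe; a site that does not need in-browser editing at all is better off removing the file or otherwise disabling the editors outright.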

08/29/08 08:34:22 changed by donncha

Sorry rcain, it won't happen. I'll leave this open, but template editing won't be going into MU until a non-php template language is created that is secure. That means making sure no malicious code can run on the server, AND sufficient filtering of Javascript so bad code can't run on the browser and steal cookies.

09/01/08 15:49:28 changed by lunabyte

  • status changed from reopened to closed.
  • resolution set to wontfix.

Closing as theme-editor.php won't be in MU any time in the foreseeable future.