[TYPO3-core] RFC: #11368: ENABLE_INSTALL_TOOL file should be ignored if older than one hour
Lars Houmark
lars at typo3.org
Tue Jun 23 04:03:08 CEST 2009
On 2009-06-22 18:56:34 -0500, Michael Stucki <michael at typo3.org> said:
>
> Hi Bernd,
>
>>> What would be possible (and not compromise security) would be a button
>>> in the backend which admins can click to automatically create that file
>>> when they need it. However, I'm not quite sure where such a button
>>> should be placed, and if it makes sense at all...
>>
>> why do you need an extra button?
>>
>> clicking on 'install-Tool' in the left-menu means an admin wants access
>> to install-tool. can this call of install-tool be preceded with an
>> automated generation of lock-file?
>
> Great idea!
>
> What does the security team say to this approach? Do you consider it to
> be problematic?
The key is to make sure the behavior cannot be faked and that enough
validation is done to make sure the session is valid.
This should still go into another RFC and when that one is present, the
security team would like to look into it, to verify the method used
doesn't introduce a breach :)
>
> I don't think it is a problem, as the file is only created if an admin
> user has clicked on the "Install" module within the last hour (or if it
> was created manually, again within the last hour). And still, there is
> no Install Tool without having the password for it.
At first thought I personally like the idea too, and it would for sure
make the file lock mechanism more transparent, and combined with
auto-delete, this would not only enhance security, but also make the
install tool access more user-friendly and hassle-free for admins.
--
Lars Houmark
Member of the TYPO3 Security Team
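The mechanism discussed in this thread, written out as an added illustration (this is not TYPO3 core code and not code from any participant): the ENABLE_INSTALL_TOOL file only counts if it is younger than one hour, stale copies are deleted, and the file is created only after the caller's backend session has been validated server-side, so that the creation step cannot be triggered by a request parameter alone. The session array keys (`uid`, `admin`, `expires`) and the helper names are assumptions made for this example; a real implementation would consult the authenticated backend user object instead.

```php
<?php
// Added example (not TYPO3 core code): one-hour lock-file window plus
// session-gated creation of the ENABLE_INSTALL_TOOL file.

declare(strict_types=1);

// The one-hour window proposed in the thread, in seconds.
const ENABLE_FILE_MAX_AGE = 3600;

/**
 * True only if the file exists AND its modification time is within the window.
 * A file older than the window is treated exactly like a missing file.
 */
function enableFileIsValid(string $path, ?int $now = null): bool
{
    $now = $now ?? time();
    clearstatcache(true, $path);
    if (!is_file($path)) {
        return false;
    }
    $mtime = filemtime($path);
    if ($mtime === false) {
        return false;
    }
    return ($now - $mtime) <= ENABLE_FILE_MAX_AGE;
}

/**
 * Assumption for this example: the backend session is an array carrying
 * these keys. The point is that the admin flag and expiry are checked
 * server-side, never taken from the incoming request.
 */
function isValidAdminSession(array $session): bool
{
    return isset($session['uid'], $session['admin'], $session['expires'])
        && $session['admin'] === true
        && $session['expires'] > time();
}

/**
 * Creates (or refreshes) the file for a validated admin session only.
 * touch() updates the mtime, so the one-hour window starts again.
 */
function createEnableFileForAdmin(string $path, array $session): bool
{
    if (!isValidAdminSession($session)) {
        return false;
    }
    return touch($path);
}

/** Auto-delete step: remove a file that has outlived the window. */
function removeStaleEnableFile(string $path): void
{
    clearstatcache(true, $path);
    if (is_file($path) && !enableFileIsValid($path)) {
        unlink($path);
    }
}

// Demonstration with a constructed session and a temporary path.
$path = sys_get_temp_dir() . '/ENABLE_INSTALL_TOOL';

$anonymousRequest = ['uid' => 0];                       // no admin session: must be refused
$adminSession     = ['uid' => 1, 'admin' => true, 'expires' => time() + 600];

createEnableFileForAdmin($path, $anonymousRequest);     // returns false, no file written
createEnableFileForAdmin($path, $adminSession);         // returns true, file written now
var_dump(enableFileIsValid($path));

// Simulate a file left behind two hours ago: it must no longer count.
touch($path, time() - 2 * ENABLE_FILE_MAX_AGE);
var_dump(enableFileIsValid($path));
removeStaleEnableFile($path);
var_dump(is_file($path));
```

The check deliberately compares `filemtime()` against the current time rather than trusting any marker inside the file, and `clearstatcache()` is called before each stat so that a file deleted or touched moments earlier in the same request is seen correctly.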