View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0017358||phplist application||Message Send Process||public||05-09-14 16:34||17-05-15 16:47|
|Priority||normal||Severity||minor||Reproducibility||have not tried|
|Target Version||3.1.X||Fixed in Version||3.0.11|
|Summary||0017358: allow remote cron calls with secret|
As discussed in 0017316
The problem with having the login/password on the GET URL is that it increases the chance of it leaking. When it has leaked the attacker will have access to the entire system, which is not good.
I think I will resolve it as follows:
1. set a secret in the config that is used ONLY for the processqueue call.
2. allow calling the processqueue remotely, without login/password and with the secret.
That way, an attacker discovering the secret will only be able to run the queue, but will not have access to the rest of the system. If the queue running is invoked this way, we keep output to a minimum, to avoid leaking additional information to the attacker.
|Tags||Configuration and sending|
this has been implemented in the new version 3.1.0 which is a development version.
would be great if some people can have a play around with it.