Changes between Version 7 and Version 8 of GenshiMacro

Timestamp:

Jul 11, 2016, 2:26:22 PM (8 years ago)

Author:

anonymous

Comment:

--

GenshiMacro

@@ -4 +4 @@
 
 {{{#!box warn 
-**Notice:** This plugin has not been developed with security considerations in mind.
+**Notice:** This plugin has not been developed with security considerations in mind. '''Only enable this macro on sites where you trust *all* users who can edit *any* wiki text with the web server's account.'''
 }}} 
 
@@ -13 +13 @@
 Your templates will have access to the request as `req`, which can be useful for tasks like URL generation, rendering form tokens for POST requests, and checking for a logged-in user.
 
-'''Note: no security considerations whatsoever went into the making of this plugin. If you happen to know how it can be improved, please let me know.'''
+'''Note: no security considerations whatsoever went into the making of this plugin. Remy Blank gave some advice:'''
+
+Genshi templates allow executing arbitrary Python code. So you basically
+give users who can insert the macro anywhere (wiki page, ticket comment,
+etc) permission to act as the user running Trac, including running run
+any shell command.
+
+{{{
+{{{ #!Genshi
+<div>${open('/etc/apache2/htpasswd').read()}</div>
+}}}
+}}}
+
+{{{
+{{{#!Genshi
+<?python
+  import os
+  os.system("rm /path/to/env/db/trac.db")
+?>
+}}}
+}}}
+
+So my advice is, only enable this macro on sites where you trust *all*
+users who can edit *any* wiki text with the web server's account.
 
 == Bugs/Feature Requests