Extension talk:Page-by-page authentication


This page was moved from Meta-Wiki.

This access control method is vulnerable to the search hole. Namely:

The access control mechanism is only activated when the page wikisource is rendered for display. As part of the rendering, the parser catches a special tag, which triggers a set of code, comparing the current user to the list of authorized users. It is only during this process that the page is blocked from the user, by short-circuiting the normal page operation by inserting an exit() call.

However, none of this occurs if the page source is viewed by any method that does not parse the wikisource and trigger the extension code. The obvious way this is done is via search. Searching for the page name or a word on the page will result in a snippet of the page returned in the search results. Repeated use of the search hole can conceivably retrieve the entire content of the page, or at the very least, sensitive parts of its contents.

Other wikis with similar methods have the same problem; see the TWiki page making the same warnings about its own per-page access control.

There are other, much easier ways for a non-listed user to retrieve the entirety of a page controlled using this method. (See Brion's post to MW-l.) It should not be relied upon for true security. A reliable way to restrict content is to set up another MediaWiki instance and use $wgWhiteListEdit and $wgWhiteListRead and make user account creation closed by making Special:Userlogin only available to the sysop (see Preventing_Access). 00:21, 20 December 2005 (UTC)
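
The design flaw described in the post above, as a small model added here for illustration; it is not the extension's code and not part of the original post. The `<restrict>` tag syntax, the page data and all function names are hypothetical.

```python
import re

# Hypothetical tag syntax and constructed page data, for illustration only.
TAG = re.compile(r"<restrict>(.*?)</restrict>", re.S)
PAGES = {
    "Payroll": "<restrict>alice,bob</restrict>Q3 bonus pool is 40000 for ops.",
    "Cafeteria": "Lunch is served from noon.",
}

def may_read(title, user):
    """ACL check: pages without the tag are open to everyone."""
    m = TAG.search(PAGES[title])
    return m is None or user in {u.strip() for u in m.group(1).split(",")}

def render(title, user):
    """Render path: the only place the tag handler (and the ACL) runs."""
    if not may_read(title, user):
        raise PermissionError(title)
    return TAG.sub("", PAGES[title])

def snippet(source, term, width=20):
    """Return text around the first match of term, or None."""
    i = source.lower().find(term.lower())
    return None if i < 0 else source[max(0, i - width): i + len(term) + width]

def search_unchecked(term, user):
    """Search as described in the post: reads stored source, so the tag
    handler never runs and `user` is never consulted."""
    hits = {t: snippet(s, term) for t, s in PAGES.items()}
    return {t: s for t, s in hits.items() if s is not None}

def search_checked(term, user):
    """Same search with the ACL applied where the text is read. Every other
    read path would need the same gate."""
    found = search_unchecked(term, user)
    return {t: s for t, s in found.items() if may_read(t, user)}

if __name__ == "__main__":
    for fn in (search_unchecked, search_checked):
        print(fn.__name__, fn("bonus", "mallory"))
```

The post notes that search is only one such path, which is why it recommends a separate read-restricted wiki instance.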