Ravens PHP Scripts: Forums
 

 

Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel(tm) v2.5.x
fade2gray
Regular
Joined: Mar 26, 2006
Posts: 87
Location: UK

PostPosted: Thu Jun 14, 2007 5:17 pm

Couldn't find anything of a resolution to non-god admins getting blocked with "You have attempted an Authors Table attack on this site.", so I've come up with the following (works with 2.5.08 as supplied in rn2.10.01).


If you want only your god-admin to see the "edit admins" icon then...

In nuke/admin/links/links.editadmins.php
find...

if ($radminsuper==1) {

and change to...

if(is_god($_COOKIE['admin'])) {

If you want your non-god admins to see or not see the "edit admins" icon by making it switchable then...

In nuke/config.php
find...

$display_errors = FALSE; //This should only be used (set to TRUE) when testing locally and not in a production environment

and change to...

$display_errors = FALSE; //This should only be used (set to TRUE) when testing locally and not in a production environment
$show_admin_icon = 0; // Set to "0" to hide "edit admin" icon from non-god admins, otherwise set to "1" to show


and in nuke/admin/links/links.editadmins.php
find...

global $admin_file;
if ($radminsuper==1) {


and change to...

global $admin_file, $show_admin_icon;
if ($radminsuper==1 && $show_admin_icon==1) {

(EDIT: make that)
global $admin_file, $show_admin_icon;
if (is_god($_COOKIE['admin']) || ($radminsuper==1 && $show_admin_icon==1)) {
(or god-admin won't see the icon either)



Hope this helps and apologies if it's been covered elsewhere.


Last edited by fade2gray on Fri Jun 15, 2007 9:25 am; edited 2 times in total 
kguske
Site Admin
Joined: Jun 04, 2004
Posts: 6432

PostPosted: Thu Jun 14, 2007 6:16 pm

Thanks - not sure if this has been covered, but I'd guess it might be helpful to others.

_________________
I search, therefore I exist...
nukeSEO - nukeFEED - nukePIE - nukeSPAM - nukeWYSIWYG
 
fade2gray

PostPosted: Fri Jun 15, 2007 9:38 am

There is a side effect to the above tweaks - when you initially log in as god-admin, the "edit admins" icon is not displayed. You need to either click the "admin menu" link in the navbar, or whatever means you use to access the admin menu, before it does display.

It seems that is_god($_COOKIE['admin']) is not "true" immediately after initial login - can anyone suggest a reason for this?
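An added example, not code from the original posts or from RavenNuke/NukeSentinel. It lifts the visibility rule out of the posted links.editadmins.php tweak into two plain functions so the first version of the switchable tweak and the "EDIT" version can be compared over every combination of inputs: the first hides the icon from god-admin whenever the switch is off, the second gives god-admin precedence. The three arguments stand in for is_god($_COOKIE['admin']), $radminsuper and the posted $show_admin_icon switch; nothing about how RavenNuke evaluates those values is assumed. One caveat a practitioner would add: this only hides a link in the admin menu, the request to the "edit admins" page itself is still governed by whatever admin.php and NukeSentinel enforce server-side, so the tweak reduces accidental clicks rather than adding an authorization check. On the side effect noted above, one possible (unconfirmed) cause is plain PHP behaviour: $_COOKIE is populated from the request headers, so a cookie written with setcookie() during the login request is not visible through $_COOKIE until the browser sends it back on the next request.

```php
<?php
// Added example, not from the original post or from RavenNuke/NukeSentinel.
// The arguments stand in for is_god($_COOKIE['admin']), $radminsuper and the
// posted $show_admin_icon config switch (an assumption about their meaning,
// not a statement about the real code paths).

// Version 1: the switchable tweak as first posted. $isGod is ignored, so a
// god-admin loses the icon whenever the switch is 0 (the bug the EDIT fixes).
function show_icon_v1(bool $isGod, int $radminsuper, int $showAdminIcon): bool
{
    return $radminsuper == 1 && $showAdminIcon == 1;
}

// Version 2: the posted EDIT. God-admin always sees the icon; other super
// users only when the switch is on; non-super admins never.
function show_icon_v2(bool $isGod, int $radminsuper, int $showAdminIcon): bool
{
    return $isGod || ($radminsuper == 1 && $showAdminIcon == 1);
}

// Evaluate a rule over every input combination so the two can be diffed.
function visibility_table(callable $rule): array
{
    $rows = [];
    foreach ([true, false] as $isGod) {
        foreach ([1, 0] as $super) {
            foreach ([1, 0] as $switch) {
                $rows[] = [
                    'is_god'          => $isGod,
                    'radminsuper'     => $super,
                    'show_admin_icon' => $switch,
                    'icon'            => $rule($isGod, $super, $switch),
                ];
            }
        }
    }
    return $rows;
}

// Rows where the two rules disagree are exactly the god-admin-with-switch-off
// cases that motivated the EDIT.
function disagreements(): array
{
    $v1 = visibility_table('show_icon_v1');
    $v2 = visibility_table('show_icon_v2');
    $diff = [];
    foreach ($v1 as $i => $row) {
        if ($row['icon'] !== $v2[$i]['icon']) {
            $diff[] = $row;
        }
    }
    return $diff;
}

foreach (['v1 (as first posted)' => 'show_icon_v1', 'v2 (the EDIT)' => 'show_icon_v2'] as $name => $fn) {
    echo "rule $name\n";
    foreach (visibility_table($fn) as $r) {
        printf("  is_god=%d radminsuper=%d show_admin_icon=%d -> icon %s\n",
            $r['is_god'], $r['radminsuper'], $r['show_admin_icon'],
            $r['icon'] ? 'shown' : 'hidden');
    }
}
printf("rows where the rules differ: %d\n", count(disagreements()));
```

Run it with `php` from the command line; the only rows where the two rules differ have is_god set and show_admin_icon at 0, which is the case described in the "(or god-admin won't see the icon either)" remark.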
 
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 17088

PostPosted: Fri Jun 15, 2007 10:37 pm

After you added them as Admins in the Edit Authors panel, did you remember to Scan for new Admins in NukeSentinel(tm)? Once you do that you can set the Protected setting and then NukeSentinel(tm) should ignore them.
 
fade2gray

PostPosted: Sat Jun 16, 2007 3:44 pm

Raven wrote:
After you added them as Admins in the Edit Authors panel, did you remember to Scan for new Admins in NukeSentinel(tm)? Once you do that you can set the Protected setting and then NukeSentinel(tm) should ignore them.

The situation is this - I have become confident in installing and upgrading RN and since 2.10.00 you've made the installation near fool-proof, but in my venture to start experimenting with Sentinel's configurations, I've been unable to find an up-to-date user guide (that for Sentinel 2.2.1 being the latest). Initially I couldn't understand the difference between un/protected Admins - the user guide contains no reference and searching the web only results in being advised to select protected. I stumbled on the explanation by chance when I found I didn't always need to delete my address from the blocked IPs table - the difference being whether or not the admin was protected.

If no admin, other than god-admin, has any business accessing the "edit admins" menu, then why show them the icon at all (setting them as protected doesn't stop them being warned they are attempting an author's table attack)? That's why I came up with the above.
 
Raven

PostPosted: Sat Jun 16, 2007 9:11 pm

Quote:
If no admin, other than god-admin, has any business accessing the "edit admins" menu
That's not the case. If you allow a non-God admin to have admin rights for stories, let's say, they would have to have access to the admin panel. That's been in nuke forever. Obviously you can modify whatever code you want. Just keep in mind that it's usually easier/safer to work within the application logic/security than to hack the code, unless the code is wrong. You also increase your work when upgrades come along. It seems that in this case you possibly aren't understanding the reason why admins need to have access to the panel. Or maybe I'm the one not understanding :)

Either way, as long as you are happy then that's all that counts ;)
 
fade2gray

PostPosted: Sun Jun 17, 2007 8:53 am

Raven wrote:
Or maybe I'm the one not understanding :)

I think that could well be the case in this instance Raven. ;)

[smack] "admin panel" and "edit admins - a specific area of the 'admin panel' where users are promoted with various permissions and where admins can be deleted" - not exactly the same thing, eh?

Remember astralman? I came across that when searching for answers regarding "why should I choose to protect admins or not" and "how to avoid non-god admins getting blocked/banned for accidental 'authors table attacks'".

You have made the "Admin Auth List", "Scan for New Admins" and "Database Maintenance" Sentinel administration links unavailable to non-god admins, so why not do the same for the "edit admins" link? The only reason I could think of for leaving it accessible is in order to test Sentinel's ability to block an "authors table attack", in which case why not make it switchable?

One other thing, when scanning for new admins, why are they not made protected by default? As it is, when a scan is performed and a new admin is found and added to the "Admin Auth List", an email is automatically sent to the user notifying him that he's unprotected (amongst other things) - you then choose to make that user protected and he gets another email telling him so. Confused
 
gregexp
The Mouse Is Extension Of Arm
Joined: Feb 21, 2006
Posts: 1497
Location: In front of a screen....HELP! lol

PostPosted: Sun Jun 17, 2007 9:06 am

Wait, you're saying that you want admins to be superusers, which shows them both the site administration panel and the modules administration panel.

Now you also want to stop them from viewing the link of edit admin, but only edit admin?

This would work, but the problem, as Raven has stated, would be upgrading your nuke. See, if you go to upgrade and then you overwrite, you will have to re-edit your files. But if you wish to continue this security implementation, may I also suggest the database backup as well, as that will allow the admin to download your database and get key information they have no business getting.

_________________
For those who stand shall NEVER fall and those who fall shall RISE once more!! 
fade2gray

PostPosted: Sun Jun 17, 2007 9:59 am

gregexp wrote:
Wait, you're saying that you want admins to be superusers, which shows them both the site administration panel and the modules administration panel.

Now you also want to stop them from viewing the link of edit admin, but only edit admin?
What I'm saying is "Why can superusers accidentally block/ban themselves when a relatively simple change in the code can prevent this".

gregexp wrote:
This would work, but the problem, as Raven has stated, would be upgrading your nuke. See, if you go to upgrade and then you overwrite, you will have to re-edit your files.
Yes, I understand this but would it be too much to implement a small code change, as suggested, in future upgrades/releases to prevent the above problem?

gregexp wrote:
But if you wish to continue this security implementation, may I also suggest the database backup as well, as that will allow the admin to download your database and get key information they have no business getting.
What can I say? I learn something new every day, thanks. ;)
 
Raven

PostPosted: Sun Jun 17, 2007 10:10 am

fade2gray,

This is a matter of opinion :) We designed NukeSentinel(tm) to give the Webmaster control, not an admin/code. We purposely chose to not make every admin protected for security reasons. The Webmaster admin should always review who the system has made an admin in the event of a hack. This not only could happen but does happen. That's why we chose the route we did. I believe that the majority of users, if polled, would choose to be safer and have to take an extra step than to have everyone who appears to be admin automatically upgraded to protected.
 
fade2gray

PostPosted: Sun Jun 17, 2007 10:42 am

Raven wrote:
fade2gray,

This is a matter of opinion :) We designed NukeSentinel(tm) to give the Webmaster control, not an admin/code. We purposely chose to not make every admin protected for security reasons. The Webmaster admin should always review who the system has made an admin in the event of a hack. This not only could happen but does happen. That's why we chose the route we did. I believe that the majority of users, if polled, would choose to be safer and have to take an extra step than to have everyone who appears to be admin automatically upgraded to protected.

Thanks, that does clarify things a little and makes perfect sense.

So leaving the "edit admins" link for superusers to attempt to tinker with is left as kind of "hack/abuse bait", and could the same be said also for the "database backup" link that gregexp mentioned?
 
Raven

PostPosted: Sun Jun 17, 2007 11:55 am

Only God admins should be able to add Admin accounts. If you don't want them to have control over the entire site, then just make them admins over individual areas but don't make them a super user. Leaving the link there should not cause you any security issues. BTW, if you can't trust your super users then don't make them super ;)

However, in testing this, I have discovered a misfire in NukeSentinel(tm). It seems that after you protect a super user, NS will not ban the IP but still displays the Author Attack screen. We will fix that :)
 
fade2gray

PostPosted: Sun Jun 17, 2007 12:37 pm

Raven wrote:
Only God admins should be able to add Admin accounts.
Agreed.

Raven wrote:
If you don't want them to have control over the entire site, then just make them admins over individual areas but don't make them a super user. Leaving the link there should not cause you any security issues.
Ok, so leaving the link there is not a security threat, but if I do want to promote someone I trust to superuser, I have to implicitly explain to them why not to click on the 'edit admins' link accidentally or out of curiosity.

Raven wrote:
BTW, if you can't trust your super users then don't make them super ;)
Raven wrote:
We purposely chose to not make every admin protected for security reasons. The Webmaster admin should always review who the system has made an admin in the event of a hack. This not only could happen but does happen.
Could removing the 'edit admins' link from the view/temptation of superusers help prevent this?

Raven wrote:
However, in testing this, I have discovered a misfire in NukeSentinel(tm). It seems that after you protect a super user, NS will not ban the IP but still displays the Author Attack screen. We will fix that :)
Ah! The penny has dropped! If it wasn't for this 'misfire', I'd have no need to have sought a solution and/or work-around in the first place.

No thanks for bringing it to your attention? ;)
 
Raven

PostPosted: Sun Jun 17, 2007 12:52 pm

[worship]
 
fade2gray

PostPosted: Sun Jun 17, 2007 1:06 pm

Raven wrote:
[worship]

lol - never dreamt I'd see the day that Raven would bow to me. I'll relish the moment while it lasts. [dance] [RavensScripts]
 
Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours