signed one-click upgrades? (1 post)

  1. viewshort
    Posted 6 years ago #

    A while ago, someone observed, on slashdot.org, "<i>If wordpress.org is hacked, again [wordpress.org], their one-click upgrade feature means instant ownage for all WordPress blogs everywhere.</i>". Someone responded to that by saying this:

    Haven't they ever heard of signed patches?

    Why can't they make the one-click upgrade verify a GPG signature before performing the installation of the code contained in the upgrade file?

    My question is... why doesn't WordPress do this? Here's a class WordPress could use to do this:


    The wordpress devs sign with their private (encrypted) key - a key that could only be obtained through having their own personal computer hacked - and wordpress then verifies that the release was signed with the private key with Crypt_RSA. To make it even harder for an attacker to get the private key secret sharing could be employed.

Topic Closed

This topic has been closed to new replies.

About this Topic