
Flying pig vulnerability
Closed, Resolved · Public

Description

Author: river

Description:
Using the PasswordReset extension, it is possible for flying pigs to take over a user's account using advanced memory modification techniques.


Version: 1.15.x
Severity: enhancement

Details

Reference
bz17606

Related Objects

Status | Subtype | Assigned | Task
Resolved | None | |
Resolved | None | |

Event Timeline

bzimport raised the priority of this task from to Medium. Nov 21 2014, 10:34 PM
bzimport set Reference to bz17606.
bzimport added a subscriber: Unknown Object (MLST).

No exploits found in the wild.

Workaround: Only give bureaucrat access to users living in the city (where there are far fewer pigs), preferably on the top floors of the skyscrapers, well above flying pigs' maximum altitude.

skizzerz wrote:

Reopening as this is most certainly not invalid. It is the one major bug that MUST be fixed before the PasswordReset extension can be stable enough to be used. While every other potential abuse can be checked with logging, flying pigs can circumvent this check by simply possessing other users, which does not get logged.

Perhaps we need a way to intercept brain wave patterns to determine if the user is acting of his/her own free will and block changes where he/she is not.

river wrote:

Perhaps an easy fix would be to implement Special:Log/possession. The only problem is that the flying pigs could make people forget to check the logs, rendering it ineffective.

(In reply to comment #0)

> Using the PasswordReset extension, it is possible for flying pigs to take over
> a user's account using advanced memory modification techniques.

Flying pigs successfully kept out as of r47640