Cascade protection and file redirects
Closed, ResolvedPublic

Description

If page [[A]] has a file link to [[File:foo]] and [[File:foo]] is a redirect to [[File:Bar]] Bar is not protected when [[A]] is cascade protected. Thus it opens a exploit to vandals to attack important pages if/when they end up using file redirects instead of direct links.


Version: 1.22.0
Severity: normal

Details

bzimport set Reference to bz23542.

A transclusion over redirect is also stored under the target template in the templatelinks table.

This is not happen for files, so there is no entry in the imagelinks table and the cascade protection cannot work.

Poke, this is still a exploitable vulnerability that needs fixed.

I'll look into this

Change 105830 had a related patch set uploaded by Anomie:
Make imagelinks work like templatelinks

https://gerrit.wikimedia.org/r/105830

Change 105830 merged by jenkins-bot:
Make imagelinks work like templatelinks

https://gerrit.wikimedia.org/r/105830

Anomie added a comment.Jan 8 2014, 4:47 PM

Should be deployed to WMF wikis with 1.23wmf10, see https://www.mediawiki.org/wiki/MediaWiki_1.23/Roadmap for the schedule.

This will, of course, depend on those pages linking to the redirect having a LinksUpdate job run (e.g. they need to be edited, or purged with forcelinkupdate, or the file redirect could be purged with forcerecursivelinkupdate).

Add Comment