Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

Archive /

Our old forums are still available as a read-only archive.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo

Is db/build a security problem?


Go to End


6 Posts   2582 Views

Avatar
xmedeko

Community Member, 94 Posts

14 June 2007 at 11:51am

I can do

http://www.silverstripe.com/db/build

and see your tables. Is that a security problem? What about a patch like this:

--- DatabaseAdmin.php.orig 2007-06-14 11:49:31.000000000 +1200
+++ DatabaseAdmin.php 2007-06-14 11:48:58.000000000 +1200
@@ -88,6 +88,9 @@

function doBuild($quiet = false) {
+ if (!Director::isDev() && !Director::isTest()) {
+ return;
+ }
if($quiet) DB::quiet();
else echo "<h2>Building Database</h2>";

Avatar
Sam

Administrator, 690 Posts

14 June 2007 at 8:26pm

It's not a massive problem, but it's something that should be tidied up.

The best bet is to force admin log-in for these kinds of actions, since sometimes you want to be able to do this on the live site - to update the schema after republication, for example.

One of the issues is that we will run into at our office is that our publication script needs to be able to visit db/build without logging in.

I recommend that we set up some kind of "debug security" option in the form of a function called Security::use_debug_security();

It will
* Check that the IP requesting isn't one of the "allowed IPs"
* Otherwise, check that this current user has admin privileges
* Otherwise, redirect to the log-in page and end execution.

function doBuild($quiet = false) {
+ Security::use_debug_security();
if($quiet) DB::quiet();
else echo "<h2>Building Database</h2>";

We can add a method Security::allow_debug_security_for($ip). $ip could be:
* 192.168.0.1
* 192.168.0/24
* 192.168/16
* 192/8

This debug security option can also be used on manually switching to dev mode, viewing profile / debugging information, flushing the templates, etc.

Avatar
Sam

Administrator, 690 Posts

17 June 2007 at 6:12pm

I've deleted the preceeding post; don't really want to have that kind of information available for public reading.

Thanks for pointing this out, xmedeko, we'll be looking into this as a top priority and I'll let you know once we've sorted this.

Avatar
Sigurd

Forum Moderator, 628 Posts

18 July 2007 at 2:21pm

This is resolved in v2.0.2 that came out a few days ago.

You now have to log in as an administrator to run db/build

Avatar
JoGiles

9 Posts

28 July 2007 at 12:55pm

Edited: 28/07/2007 1:05pm

Hey guys,

I'm running silverstripe 2.0.2b, but can't log in to /db/build with my user login details. I am an administrator within the site, and can log in to that fine - but not into /db/build (where I want to go to install forum support).

Perhaps there has been an oversight in this improvement? I would hazard a guess (without knowing the silverstripe codebase) that the problem is in DatabaseAdmin's build() function around that if statement.

Cheers,
Jonathan Giles

Avatar
elijahlofgren

Google Summer of Code Hacker, 222 Posts

29 July 2007 at 4:18pm

Hi JoGiles,

It seems that sometimes build/db authentication does not work. It works on my local dev server, but not on my remote one. The best workaround that I know of is to temporarily enable dev mode: http://doc.silverstripe.com/doku.php?id=devmode

Hope this helps,

Elijah