There probably is some solution to this, whether it involves code running on just the wordpress installation or a combination of a wordpress installation and a master server I am not sure yet, but please remember not to have tunnel vision and consider any and all possible solutions:
The scenario is this: A WordPress plugin (plugin-A) that manages some sort of valuable data (something that the admin would not want stole开发者_高级运维n), lets say, lead data with user's name and email addresses, the plugin uses its own db tables.
Other than the obvious (which is the admin installing plugin-B, not knowing its malicious intent), what is to prevent another WordPress plugin (plugin-B) from accessing plugin-A data or hacking plugin-A files to circumvent security.
Trouble is, you'll be trying to protect the system from something that is running within it - the very nature of a WordPress plugin is that it has;
- Database name, username and password, along with...
- An active database connnection, with which it could easily query to find all tables and their structures, no matter how obscure
- It is running inside the WordPress script, and has access to all globals, functions and classes
If the data you're working with is that sensitive, or you simply don't want to run the risk, don't allow plugins (at least not without checking the source code first).
精彩评论