Enhanced security by using a backend tool

As I am working on an advanced Drupal website I found out that running heavy backend work on that site was quite a feat (i.e. the cron.php feature.) The fact is that some tasks require you to be an administrator. For example, if you want the system to automatically delete a page (called "node" under Drupal) then you need to be a user that can delete pages, otherwise it will fail (i.e. not enough rights.)

One simple way to palliate is to load a user with enough rights, proceed with the deletion, and then restore the anonymous user.

<?php
  [...]
  global $user;
  $current_user = $user;
  $user = user_load(1);
  // do the work as administrator
  node_delete($nid);
  $user = $current_user;
  [...]

Here there are two main problems: first of all you probably want to have a try/catch to if something fails while you enhanced the CRON user rights you can still restore the $user to the anonymous user.

The other problem is while running the node_delete() function (precisely, between the $user = user_load(1) and the $user = $current_user) the user in a browser has access to the website as the administrator (his account status was artificially upgraded...)

To avoid problems, you can test the IP address of the remote user and only allow your server to access CRON. (Actually, it should be a core feature because otherwise anyone can access your cron.php and in some cases it can put your web server on its knees.)

<?php
  [...]
  if(ip_address() == '123.1.1.1') {
    global $user;
    $current_user = $user;
    try {
      $user = user_load(1);
      // do the work as administrator
      node_delete($nid);
    }
    catch(Exception $e) {
      $user = $current_user;
      throw $e;
    }
    $user = $current_user;
  }
  [...]

Now you at least eliminate the security problem.

In case of Snap, we do not offer a backend that you can start from your browser so it is always run as an administrator user directly on a backend server (i.e. it can run on a server that is not directly accessed by the outside world, except for Cassandra connections and replication features.) We already have a snapbackend tool that works for the sitemap.xml file!

Syndicate content

Snap! Websites
An Open Source CMS System in C++

Contact Us Directly