Joshua Rogers and I were chatting, and talking about how easy it would be to make a malicious module which form_alter'd the modules page and kept itself from being disabled.
Also, thinking about how much of a pain it is to write code outside of full bootstrap (update.php, install.php, etc).
One solution we stumbled across is make a "core only mode". In this mode:
- Only invocations for core modules would be allowed
- No caches or registry business (so it can be used to fuel a way out of registry or menu cache hell).
- No custom blocks (because these can contain user provided JS).
Does this sound like a reasonable way to provide a higher level of security on the pages you need to keep your installation secure and get critical information?
Comments
Comment #1
Anonymous (not verified) commentedSubscribe
Comment #2
Anonymous (not verified) commentedComment #4
sun.core commentedComment #5
webchickSorry. :\
Comment #6
axyjo commentedLooks like this is too late now. Deferred till D8.
Comment #7
klausitrailing white space.
Comment #11
klausiClosing this issue as outdated. In Drupal 8 you can write your own module handler service now that could prevent certain hook invocations as Drupal contrib module. Feel free to reopen if you think this is still relevant for Drupal core.