Allow controlled admins to edit plugins?

  • Obviously this creates a major loophole in the security functionality, but it would be a really helpful feature to have.

    Reason for needing this: I’d like to give vendor support staff access to the plugin editor without giving them effortless access to other areas of the site that they would traditionally be able to access like user accounts and the like. I trust the people, so it’s not so much a security concern as a user privacy one.

    Of course, if you can prevent them from editing only Controlled Admin Access then the security loophole is more or less avoided, though there’s plenty of other ways to do damage.

    Thoughts? Thanks for the great plugin!

Viewing 5 replies - 1 through 5 (of 5 total)
  • Thread Starter slapbox

    (@slapbox)

    Specifically, to clarify, I’m referring to the Plugin Editor feature built into WordPress.

    Thread Starter slapbox

    (@slapbox)

    Doh… I didn’t realize you could drop these things down for more options. This plugin is even greater than I had thought.

    Unfortunately still can’t check that. Again, totally understand why, but it would be a great option to add with a disclaimer about the danger.

    • This reply was modified 4 years, 9 months ago by slapbox.
    Thread Starter slapbox

    (@slapbox)

    @waseem_senjer any comment? I understand it’s sort of an edge case but I’d love to see it implemented with a warning rather than completely blocked off.

    Plugin Author Waseem Senjer

    (@waseem_senjer)

    Hi @slapbox
    I like the idea of enabling all of the checkboxes to be enabled. And a warning message can be useful to warn admins about enabling these options.

    I will add this in the next release of the plugin. Hopefully, next week.

    Thanks for sharing this with me.
    Waseem

    Thread Starter slapbox

    (@slapbox)

    That’s awesome to hear! Thanks a ton for everything!

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Allow controlled admins to edit plugins?’ is closed to new replies.