Conversation

Notices

1. Embed this notice
   Sean King (seanking@kazv.moe)'s status on Saturday, 01-Feb-2025 07:07:36 JST Sean King
   I honestly think WordPress plugins allowing admins to grant access to the plugin's support team should be seen as a red flag for said plugins.
   • Embed this notice
     Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Saturday, 01-Feb-2025 07:07:34 JST Haelwenn /элвэн/ :triskell:

     in reply to
     @seanking Yeah sounds a bit too close to a backdoor triggerable by like social engineering to me.
   • Embed this notice
     Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Saturday, 01-Feb-2025 07:12:49 JST Haelwenn /элвэн/ :triskell:

     in reply to

     • Haelwenn /элвэн/ :triskell:
     @seanking To me it's like if flatpak/snap/… had a button to grant shell access to an app developer.
     Sure they could implement that backdoor themselves (and hopefully get caugh) but if they don't have to… yikes.