Till Maas wrote:
With using the FAS credentials, that allow to produce major damage in the wrong hands, within an application that is considered not very secure make my security concerns grow a lot more. I know that they are already used for OpenID and Mediawiki in Fedora, so there are a lot of attack vectors there, but maybe RPMFusion could be more secure.
This is a fair concern - wordpress has a poor history. However, the potential for an exploit being harmful would be minimal because WP would never store the FAS password and a validated WP session has no control over FAS. All authentication with FAS would be done over SSL: at no point is the password sent over a non-encrypted connection and it is never stored anywhere within wordpress or logged anywhere on the client machine/within the session/on the wordpress server.
Additionally, even if an attacker can hijack a validated wordpress session there would be no way they could use that hijacked session to attack FAS since there is no two-way link between WP and FAS. So the potential for any harmful exploit should be no greater (and potentially less since the pw is never stored) than for the other third-party apps that have already been integrated with FAS.
Of course, I will check all this out with the FAS developers and ensure that they agree that it is as safe as possible.
