https://tracker.phpbb.com/browse/PHPBB3-15928
https://github.com/phpbb/phpbb/pull/5502
https://github.com/phpbb/phpbb/pull/5501
As per the ticket, database backups could no longer be downloaded via the ACP, starting with phpBB 3.2.6.
Could you please elaborate on why is this functionality being removed?
[PHPBB3-15928] Remove support for downloading backups
Re: [PHPBB3-15928] Remove support for downloading backups
Ow, this is a surprise.v3d wrote: Tue Jan 08, 2019 8:57 am Could you please elaborate on why is this functionality being removed?
It doesn't cause any problem for me but I can't think of a reason for this move (not that I have time to think about it). (perhaps too many broken downloads because of backupsize?)
Procrastination is my hobby, but I keep on postponing it.
Re: [PHPBB3-15928] Remove support for downloading backups
I would guess that it is being removed as a security/privacy measure, possibly connected with GDPR. There have been instances where "rogue" Admins/Founders have had access to the backup facility.
David
Remember: You only know what you know -
and you do not know what you do not know!
Remember: You only know what you know -
and you do not know what you do not know!
Re: [PHPBB3-15928] Remove support for downloading backups
Correct, this is being done as further hardening of the ACP. While backups can still be created and restored, the downloading functionality will be removed to prevent the potential of unauthorized downloads of backups by admins. You will still be able to download the backups via FTP or other means of accessing the file systems as administrator.
Re: [PHPBB3-15928] Remove support for downloading backups
Thank you all for clarifying this.
If it is done for prevententing unauthorized access, it sounds to me more like an access rights problematic. Why not create an admin permission "can download backups" or more commonly "can use the backup functionality (create, restore, delete, download)"?
In general, such soluton seems more adapted to "rogue" admins who could always find a workaround. For example, in the phphBB 3.0 days there was a mod which granted full access to the private messages table via the ACP. I guess, the same could be done with extensions, while the ability to send mass emails could be exploited to extract email addresses. And of course, a rogue admin could also create and restore a corrupted backup or simply delete the entire forum along with all backups in the /store folder.
In this case, should we also disable these functionalities or allow, and most importantly, advise on stricter access control?
If it is done for prevententing unauthorized access, it sounds to me more like an access rights problematic. Why not create an admin permission "can download backups" or more commonly "can use the backup functionality (create, restore, delete, download)"?
In general, such soluton seems more adapted to "rogue" admins who could always find a workaround. For example, in the phphBB 3.0 days there was a mod which granted full access to the private messages table via the ACP. I guess, the same could be done with extensions, while the ability to send mass emails could be exploited to extract email addresses. And of course, a rogue admin could also create and restore a corrupted backup or simply delete the entire forum along with all backups in the /store folder.
In this case, should we also disable these functionalities or allow, and most importantly, advise on stricter access control?
- 3Di
- Registered User
- Posts: 951
- Joined: Tue Nov 01, 2005 9:50 pm
- Location: Milano 🇮🇹 Frankfurt 🇩🇪
- Contact:
Re: [PHPBB3-15928] Remove support for downloading backups
It might be an idea for phpBB 3.3/4, I don't see it as something to implement in 3.2 anyway.v3d wrote: Thu Jan 10, 2019 10:08 am Why not create an admin permission "can download backups" or more commonly "can use the backup functionality (create, restore, delete, download)"?
🆓 Free support for our extensions also provided here: phpBB Studio
🚀 Looking for a specific feature or alternative option? We will rock you!
Please PM me only to request paid works. Thx. Want to compensate me for my interest? Donate
My development's activity º PhpStorm's proud user º Extensions, Scripts, MOD porting, Update/Upgrades
🚀 Looking for a specific feature or alternative option? We will rock you!
Please PM me only to request paid works. Thx. Want to compensate me for my interest? Donate
My development's activity º PhpStorm's proud user º Extensions, Scripts, MOD porting, Update/Upgrades
Re: [PHPBB3-15928] Remove support for downloading backups
Why would an extra permission need to wait for a new major version, while removal of functionality can be done in a minor upgrade?3Di wrote: Thu Jan 10, 2019 10:38 amIt might be an idea for phpBB 3.3/4, I don't see it as something to implement in 3.2 anyway.v3d wrote: Thu Jan 10, 2019 10:08 am Why not create an admin permission "can download backups" or more commonly "can use the backup functionality (create, restore, delete, download)"?
Not that I really care, I never use that phpBB function anyway (MySQL Workbench ftw).
Above message may contain errors in grammar, spelling or wrongly chosen words. This is because I'm not a native speaker. My apologies in advance.
Re: [PHPBB3-15928] Remove support for downloading backups
There already is a "Can backup/restore database" Admin permission but that no affect if the user is a Founder - and that is what this change is aimed at preventing.
I would prefer a change where there can only be one Founder as that would get around all of these types of problems.
I would prefer a change where there can only be one Founder as that would get around all of these types of problems.
David
Remember: You only know what you know -
and you do not know what you do not know!
Remember: You only know what you know -
and you do not know what you do not know!
Re: [PHPBB3-15928] Remove support for downloading backups
I wouldn't.david63 wrote: Thu Jan 10, 2019 1:03 pm I would prefer a change where there can only be one Founder as that would get around all of these types of problems.
That would result in a single point of failure. What is that founder is needed for an urgent task and he or she is unavailable because of vacation, illness or -worse- some accident or perhaps even death?
Yeah of course you can always gain access through the database but that assumes much deeper knowledge of both phpBB and MySQL.
Above message may contain errors in grammar, spelling or wrongly chosen words. This is because I'm not a native speaker. My apologies in advance.
Re: [PHPBB3-15928] Remove support for downloading backups
What if the founder (site admin) is unreachable and has also stopped paying the bills, while other founders do not have FTP access? This exact scenario happened to several long-running forums I use to visit (2 SMF-based & 3 phpBB-based, one of which I'm currently hosting). The only thing that saved these forums was the ability to download backups via the ACP.
As for the backups permission, David has a point, it already exists
Given all this, a simple, yet relatively effective solution could be a notification to promote stricter control over founder/admin rights. e.g. On update, after login to the ACP: "Please review and remove all unwanted Founder and Admin permissions as it could result in unauthorized access to the ACP, stolen data (GDPR) etc; Here is the current list of such users with their respective permissions..."
As for the backups permission, David has a point, it already exists
Given all this, a simple, yet relatively effective solution could be a notification to promote stricter control over founder/admin rights. e.g. On update, after login to the ACP: "Please review and remove all unwanted Founder and Admin permissions as it could result in unauthorized access to the ACP, stolen data (GDPR) etc; Here is the current list of such users with their respective permissions..."