From f6209e2d115d733679553b65386660ee255203d8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gerg=C5=91=20Tisza?=
Date: Sun, 10 Jun 2018 15:32:56 +0200
Subject: [PATCH] [SECURITY] Enable elevated login security for bot passwords

Prevent abuse of bot passwords as permanent back channels after XSS-based account compromise by requesting reauthentication before bot password management.

Bug: T194204
Change-Id: I18708e0f01069876794c900daf5850e668804bcc
---
 includes/specials/SpecialBotPasswords.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/includes/specials/SpecialBotPasswords.php b/includes/specials/SpecialBotPasswords.php
index f03565a..d175937 100644
--- a/includes/specials/SpecialBotPasswords.php
+++ b/includes/specials/SpecialBotPasswords.php
@@ -57,6 +57,10 @@ class SpecialBotPasswords extends FormSpecialPage {
 return $this->getConfig()->get( 'EnableBotPasswords' );
 }

+ public function getLoginSecurityLevel() {
+ return 'BotPasswords';
+ }
+
 /**
 * Main execution point
 * @param string|null $par
-- 
2.7.4
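Review bot: The new `getLoginSecurityLevel()` has no doc comment, and nothing in the code tells a reader that the string it returns is an operation key for the reauthentication check rather than a display label. The diffstat shows only this file changed, so no `BotPasswords` entry is added to `$wgReauthenticateTime` here; if none exists elsewhere, the reauthentication window presumably falls back to the `default` entry, which may be longer than intended for a page that issues long-lived credentials. I would add `/** @inheritDoc Operation key looked up in $wgReauthenticateTime; forces reauthentication before bot passwords can be managed. */` above the method and confirm the intended timeout in the shipped defaults. The class body starts and ends outside the hunk, so any other entry point to bot password management cannot be checked from here.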