id	summary	reporter	owner	description	type	status	priority	milestone	component	version	severity	resolution	keywords	cc
14736	Ability to disable theme and plugin editor	intoxination		"A good security measure would be to add the ability to disable the plugin and theme editor in wp-config. Something like:

define(""DISABLE_FILE_EDITORS"",1);

That way if a site is compromised via a brute force, there is the added security of the attacker not being able to run arbitrary PHP code through one of these files, like an exec() call. 

Of course this isn't a replacement for good server security practices, such as ensuring proper permissions and users, but it will add the ability to give another layer of security for those who wish for it and should be very simple to work in."	enhancement	closed	normal		Security	3.0.1	normal	invalid