[wp-hackers] Automatic Upgrades with InstantUpgrade plugin
Doug Stewart
zamoose at gmail.com
Wed Apr 4 19:59:33 GMT 2007
On 4/4/07, Keith Constable <kconstable at kccricket.net> wrote:
> On 04/04/07 13:29, Doug Stewart wrote:
> > On 4/4/07, Alex Günsche <ag.ml2007 at zirona.com> wrote:
> >
> > I agree that messing with the perms on a WP install is a Bad Idea(tm).
> > Your methodology assumes that everyone has FTP access, though, which
> > isn't a universal truth. Some may be CPanel-limited, others
> > SFTP-only.
>
> I'd assume most CPanel-limited users would be installing WordPress through
> Fantastico. Wouldn't most users using SFTP (as in file transfers over ssh) be
> running their own servers? In that case, those users wouldn't likely need an
> easy update system anyway ("$ svn update"). I've never used a shared hosting
> provider that only provided SFTP access, but it's been about five years since I
> used shared hosting at all.
>
*shrug* Dreamhost offers SSH/SFTP services with all its plans, so I
have a bit of a skewed view of the hosting world as well, it seems.
> > One tack that hasn't been pursued is a PHP frontend to a shell
> > scripted backend. Have you thought of that, perhaps? You'd obviously
> > need different scripts for Windows vs. *NIX hosts, but it wouldn't
> > really be any more insecure than using FTP as a method for doing this.
>
> The only thing insecure about it is running an FTP server to begin with. The
> connection from PHP to the FTP server would be done via localhost, so the
> information never leaves the computer and, therefore, can't be sniffed by third
> parties.
I suppose it would be worth a shot, although I would imagine shared
hosts are going to be a bear to get working correctly in this sort of
FTP-centric setup...
--
-Doug
http://literalbarrage.org/blog/
More information about the wp-hackers
mailing list