[wp-hackers] Auto Update Plugins

Doug Smith doug at smithsrus.com
Tue Feb 17 21:59:31 GMT 2009


That may be a mute point because permissions would likely need to be  
set for a plugin data folder anyway. The uploads folder contains  
pictures and such that, by design, are to be shared with the world.  
However, plugin data being viewable by the world could have security  
implications. I certainly wouldn't want that folder readable through  
the Web server like the upload folder needs to be.

On Tue, Feb 17, 2009 at 4:01 PM, Nathan Rice <ncrice at gmail.com> wrote:
> My point was, like Otto's, that there is a permissions issue.  Most  
> people
> know to set their permissions on the uploads folder. Adding a new root
> director to /wp-content/ is just one more thing for them to think  
> about,
> whereas uploads is most likely already set up to be writable by the  
> server
> user.

--
Doug Smith <doug at smithsrus.com>
<http://smithsrus.com>



More information about the wp-hackers mailing list