[wp-trac] [WordPress Trac] #10895: theme upload / delete fails due to update.php / themes.php ownerhip
WordPress Trac
wp-trac at lists.automattic.com
Sat Oct 17 10:09:55 UTC 2009
#10895: theme upload / delete fails due to update.php / themes.php ownerhip
-------------------------------+--------------------------------------------
Reporter: foresto | Type: defect (bug)
Status: new | Priority: normal
Milestone: Unassigned | Component: Upgrade/Install
Version: | Severity: normal
Keywords: reporter-feedback |
-------------------------------+--------------------------------------------
Comment(by foresto):
Replying to [comment:1 dd32]:
> Unfortunately both of those resources you've refered to do NOT make
reference to the upgrade/install process.
I'm not sure I understand you. Are you trying to say that the two PHP
files I mentioned do not contain code that is used in the theme install
process? That may be the case, but the problem I described still exists.
> you should NOT have to change the ownership of the files, or the
permission levels.
Again, I'm not sure what you're trying to say. Do you mean that theme
uploads should work without setting special ownership on the files? I
agree; that's why I filed the bug report. Do you mean that a sysadmin
should not set file ownerships to match the security practices that are
common to all unix systems running web servers and are recommended by the
Wordpress docs? I would have to be really ignorant of security issues in
order to agree with that.
> WordPress does NOT access the files directly.
Perhaps not, but the bug still exists. I have come across reports of
similar bugs that could be attributed to indirect accesses, such as
through PHP's getmyuid() function.
> WordPress uses FTP to modify the files (Unless WordPress is in a
suPHP/SuExec environment, Or you've messed with ownership/permissions),
The behavior I observed is that Wordpress tries installing themes first by
directly writing to the filesystem, and secondarily by trying an FTP
server. I've seen it install themes without an FTP server running on the
host machine, and only fail with FTP-related error messages when the
ownership of those two files is not set as I described in my report.
> It'd be much appreciated if you'd report the original error you came up
against.
I did. This is it. You might want to check out #10898 as well (which I
discovered only after a good deal of investigating the original error I
came up against).
Look, I spent a few hours diagnosing and reporting this bug because I
though I'd do the community a favor, but I'm less inclined to donate my
time when I get replies like yours. I'm not a heavy Wordpress user, and
I'm not interested in fighting to get someone to believe what I've
written, so I don't have much reason to stick around here. My report
contains enough information for someone to reproduce the problem. Go for
it.
http://www.google.com/search?&q=wordpress%20theme%20%22failed%20to%20connect%20to%20ftp%20server%22
--
Ticket URL: <http://core.trac.wordpress.org/ticket/10895#comment:2>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list