[wp-hackers] Backup, wp-content
r at schestowitz.com
Tue Dec 20 02:15:11 GMT 2005
_____/ On Tue 20 Dec 2005 01:38:07 GMT, [Scott Merrill] wrote : \_____
> I alerted the Forum crew that the wp-db-backup plugin bundled with the
> forthcoming WordPress 2.0 requires that /wp-content/ be writable. The
> reason it requires write access is to create a non-obvious backup
> directory in which to store the temporary file(s) (it appends the last
> five characters of the md5 hash of the password in wp-config.php).
> I opened a ticket about this:
> which Matt closed. I'm less than thrilled, but ultimately don't care
> enough to push further.
> A few forum folks were taken aback by the requirement for /wp-content/
> to be writable:
> This goes against the recommended file permissions defined in the
> "Hardening WordPress" Codex guide (disclaimer: I wrote the recommended
> file permissions for that page):
> I understand why this change was made, and I don't necessarily disagree
> with it. But it does substantially complicate support without providing
> significantly improved security. The current mechanism is still
> susceptible to brute-force attacks to determine the specific characters
> that make up the suffix for the backup directory.
> I think one way to ease support, while simultaneously protecting the
> backup directory, would be to stick an empty index.php inside the
> /backup/ directory, and drop the use of the suffix.
> I asked in #wordpress whether this is something I should bring to the
> hackers list, to elicit more participation in the discussion, so here I am.
> Do you all find it acceptable to require all of /wp-content/ to be
> writable by the webserver (with the caveat that those that don't like it
> don't need to use this plugin)?
> Are there alternatives you might suggest?
I am probably missing something (like the trail of all arguments), but
needn't wp-content be writable already? For image uploads to work from the
dashboard, wp-content/uploads need to have its full path writable.
Although I had set this manually I noticed that wp-content/cache was set
to 777 'out of the box'. /plugins and /themes remain read-only, as expect-
ed. As long as you don't permit people to hijack your blog, the server
will not be compromised.
 In order for images to be conveniently managed and plug-ins have more
power, this might be desirable.
More information about the wp-hackers