Joseph Scott wrote: > > Properly set permissions should stop that from working. The plugin > would be run as the web server user, who doesn't need write permissions > in order to run PHP code. Three words: PHP as CGI (Which happens to be my preference.)