[wp-hackers] Automatic Upgrades with InstantUpgrade plugin

Doug Stewart zamoose at gmail.com
Wed Apr 4 17:29:34 GMT 2007

On 4/4/07, Alex Günsche <ag.ml2007 at zirona.com> wrote:
> On Wed, 2007-04-04 at 10:29 -0400, Doug Stewart wrote:
> > I'm a bit fuzzy on what exactly you'll be using the FTP for.  What
> > portion of the upgrade process are you proposing be accomplished via
> > FTP?  Downloading the .zip/tar.gz of WordPress from wp.org?
> No, the deleting and inserting of the WordPress files on the user's
> webspace. If I let the webserver do this, it will need permissions like
> 777 (for directories) or 666 (for files), because on most hosts, FTP
> user and webserver user have different system accounts. Now if I would
> log into the webspace with FTP credentials, I would act as FTP user, and
> could therefore overcome permission issues.

You'll be FTPing _from_ the webhost _to_ the webhost?  Hmmm.

> > What advantages do you perceive in this method over your current
> > methodology
> Users don't have to make tons of files writable, and the WP root doesn't
> have to be left writable. Also, once a user wants to remove the plugin,
> he/she must perform a pain-in-the-you-know-where procedure to regain
> ownership of the files. This would all become obsolete when using FTP;
> the user would enter the credentials once, and would not be bothered by
> chmod issues.

I agree that messing with the perms on a WP install is a Bad Idea(tm).
Your methodology assumes that everyone has FTP access, though, which
isn't a universal truth.  Some may be CPanel-limited, others

The fundamental problem with in-line updates is that, in order for
them to work, the webserver must have perms to alter the files in
question which is a terribly vexing security issue in any situation.

One tack that hasn't been pursued is a PHP frontend to a shell
scripted backend.  Have you thought of that, perhaps?  You'd obviously
need different scripts for Windows vs. *NIX hosts, but it wouldn't
really be any more insecure than using FTP as a method for doing this.

I guess what I'm trying to say is that web-based updates aren't a
great idea for the core app.  Migrating to a new version of WP is a
weighty decision and, as such, ought to have some serious thought put
into it by the ones doing the updating.  Simply clicking a few buttons
is a great way to get into a heap o' trouble, particularly if you're a
leading podcaster with an allergy to README.txts.  *grin*  (And
Charles, if you're reading this, we love you, buddy!)

> >  (one which received a bit of a knock in the WP Podcast
> > #21, btw. http://tinyurl.com/3cgvd9   *grin*)
> Yes... that episode. ;) I am a bit disappointed how somebody can make
> (and admit!) a stupid mistake, then attribute it to the plugin, and then
> talk five minutes about how screwed that plugin is. But, ok... it's his
> opinion, and I guess he didn't mean to be so harsh (as the comments also
> show).

Charles did indeed seem to be apologetic in the comments.  Didn't
credit me for getting him set back on the right path in #wordpress
either!  Such are the perils of the Intarweb[s].  *chuckle*
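The permission problem discussed above (a plugin that needs 666 on files and 777 on directories so the webserver account can rewrite them, and the cleanup needed to get ownership back afterwards) is easy to audit from a shell. The script below is an added example written for this page, not code from the thread or from the InstantUpgrade plugin: it lists anything world-writable under a WordPress tree and anything owned by a given account, and builds a small constructed sample tree so it can be run offline. The path layout and the user name passed in are assumptions for the demonstration.

```shell
#!/bin/sh
# Added example (not from the wp-hackers thread or the plugin): audit a
# WordPress install for the loosened permissions an in-place upgrader needs.
# Assumes a POSIX find(1), mktemp(1) and a directory path as the argument.

# Print every world-writable file or directory under $1, one per line.
# 0002 is the "other write" bit, i.e. the 666/777 modes mentioned above.
list_world_writable() {
    find "$1" -perm -0002 \( -type f -o -type d \) -print
}

# Count them. A hardened install should report 0 (an uploads directory is
# the usual deliberate exception and should be reviewed, not ignored).
count_world_writable() {
    list_world_writable "$1" | wc -l | tr -d ' '
}

# Print every path under $1 owned by account $2. Pointing this at the
# webserver account (e.g. www-data, assumed name) shows which files the
# web process could already rewrite without any chmod at all.
list_owned_by() {
    find "$1" -user "$2" -print
}

# Build a constructed sample tree: two files and a directory with the
# permissions a naive upgrader would leave behind, plus sane defaults.
make_sample_tree() {
    dir=$(mktemp -d)
    mkdir -p "$dir/wp-includes" "$dir/wp-content/uploads"
    printf '<?php\n' > "$dir/wp-config.php"
    printf '<?php\n' > "$dir/wp-includes/functions.php"
    chmod 644 "$dir/wp-config.php"
    chmod 755 "$dir/wp-includes" "$dir/wp-content"
    chmod 777 "$dir/wp-content/uploads"         # world-writable directory
    chmod 666 "$dir/wp-includes/functions.php"  # world-writable core file
    echo "$dir"
}

# Usage on a real install (path and account name are assumptions):
#   list_world_writable /var/www/wordpress
#   list_owned_by /var/www/wordpress www-data
```

Run against a live install, the two lists answer the two questions the thread raises: which files were chmod'ed open for the upgrader, and which files the webserver account already owns and would have to be handed back to the FTP or shell account once the plugin is removed.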
