[wp-hackers] Automatic Upgrades with InstantUpgrade plugin

Doug Stewart zamoose at gmail.com
Wed Apr 4 19:59:33 GMT 2007


On 4/4/07, Keith Constable <kconstable at kccricket.net> wrote:
> On 04/04/07 13:29, Doug Stewart wrote:
> > On 4/4/07, Alex Günsche <ag.ml2007 at zirona.com> wrote:
> >
> > I agree that messing with the perms on a WP install is a Bad Idea(tm).
> >  Your methodology assumes that everyone has FTP access, though, which
> > isn't a universal truth.  Some may be CPanel-limited, others
> > SFTP-only.
>
> I'd assume most CPanel-limited users would be installing WordPress through
> Fantastico.  Wouldn't most users using SFTP (as in file transfers over ssh) be
> running their own servers?  In that case, those users wouldn't likely need an
> easy update system anyway ("$ svn update").  I've never used a shared hosting
> provider that only provided SFTP access, but it's been about five years since I
> used shared hosting at all.
>

*shrug*  Dreamhost offers SSH/SFTP services with all its plans, so I
have a bit of a skewed view of the hosting world as well, it seems.

> > One tack that hasn't been pursued is a PHP frontend to a shell
> > scripted backend.  Have you thought of that, perhaps?  You'd obviously
> > need different scripts for Windows vs. *NIX hosts, but it wouldn't
> > really be any more insecure than using FTP as a method for doing this.
>
> The only thing insecure about it is running an FTP server to begin with.  The
> connection from PHP to the FTP server would be done via localhost, so the
> information never leaves the computer and, therefore, can't be sniffed by third
> parties.

I suppose it would be worth a shot, although I would imagine shared
hosts are going to be a bear to get working correctly in this sort of
FTP-centric setup...

-- 
-Doug

http://literalbarrage.org/blog/


More information about the wp-hackers mailing list