[wp-hackers] Making WP more secure the evolutionary way

g30rg3_x g30rg3x at gmail.com
Wed Jan 28 05:36:25 GMT 2009

2009/1/27 Florian Thiel <flo.thiel+wphackers at googlemail.com>:
> On Tue, Jan 27, 2009 at 1:12 AM, g30rg3_x <g30rg3x at gmail.com> wrote:
> You're right. My motivation is to make WP more robust against
> filtering omissions. Can you elaborate on why you think WP would fail
> if it did something like that "just" for security reasons? I think WP
> users really care about security so unless it has adverse effects on
> other parts of the system (or does not improve security at all),
> where's the failure?

Totally unnecessary they already exist so they won't improve security
at all, is like Jacob Santos says...

2009/1/27 Jacob Santos <wordpress at santosj.name>:
> The problem with saying that this is for 'security' is that security is already being handled in the API

Also if you achieve total abstraction of the DB (which surely will
limit the power of the wp plugin developers), developers then would
start avoiding the abstracted layer and make his own direct DB
connections so you are in danger of encourage them to do it by his own
hands rather than truth the API.

CONFIDENTIALITY NOTICE: This message is intended to be viewed only by
the listed recipient(s).
It may contain information that is privileged, confidential and/or
exempt from disclosure under
applicable law. Any dissemination, distribution or copying of this
message is strictly prohibited
without our prior written permission. If you are not an intended
recipient, or if you have
received this communication in error, please notify us immediately by
return e-mail and
permanently remove the original message and any copies from your
computer and all back-up systems.

More information about the wp-hackers mailing list