[wp-hackers] Does WordPress do automatic updates as the user that owns the files?
Harry Metcalfe
harry at dxw.com
Mon Aug 20 20:41:53 UTC 2012
On 20/08/12 21:10, Otto wrote:
> For any other case, it either asks for FTP credentials, or can use
> secure-ftp or ssh2 credentials (depending on the setup), to
> essentially perform a loopback connection to the server. Thus, while
> the PHP process may be running as "apache" or "nobody" or something,
> it will connect back to the server using, say, FTP, and give the
> proper login, then write the files via that connection. Each of the
> supported WP_Filesystem methods is in its own
> class-wp-filesystem-*.php file in the wp-includes directory, if you
> want to examine them.
>
Aha! It's that thing I've never used! Thanks for the explanation - very
useful.
It looks like this could be easily overridden, too, by setting FS_METHOD
(or using the filesystem_method filter) and including a new,
appropriately-named class in a plugin? Except there's a comment at
wp-admin/includes/file.php:844 -
> Please ensure that this is either 'direct', 'ssh', 'ftpext' or
> 'ftpsockets'
Which makes it sound like that's not possible?
More information about the wp-hackers
mailing list