[wpmu-trac] Re: [WordPress MU Trac] #480:
/wp-admin/theme-editor.php is missing in trunk
WordPress MU Trac
wpmu-trac at lists.automattic.com
Fri Aug 29 01:18:51 GMT 2008
#480: /wp-admin/theme-editor.php is missing in trunk
-------------------------+--------------------------------------------------
Reporter: RavanH | Owner: somebody
Type: enhancement | Status: reopened
Priority: normal | Milestone:
Component: component1 | Version:
Severity: normal | Resolution:
Keywords: |
-------------------------+--------------------------------------------------
Changes (by rcain):
* status: closed => reopened
* type: defect => enhancement
* resolution: fixed =>
Comment:
I also totally agree with RavanH and axelseaa.
The issue of security should be handled by 'roles' and 'capabilities'
management.
Themes editing is so fundamental that it should be incorporated as part of
core release, otherwise you are just inviting a load of uncontrolled and
unmaintainable hacks and plugins.
If engineering a per-blog admin solution is difficult, then simply enable
it only for super admin - this makes it no more of a security risk than on
standard (non-mu) Wordpress.
re. Donchas last point - provide a warning then, and if you are an admin
who cant understand that, you shouldn't be using mu in the first place.
IMO, one of the best points of WP is that it hasn't yet obscured or
overcomplicated and it does that by leaving good php code visible,
readable and accessible to change by admins ('php is its own template').
Can we raise this on a wish-list anywhere (oops, think i just have)?
Otherwise, thanks for an outstanding product. Appreciate your work.
--
Ticket URL: <http://trac.mu.wordpress.org/ticket/480#comment:5>
WordPress MU Trac <http://mu.wordpress.org/>
WordPress Multiuser
More information about the wpmu-trac
mailing list