WordPress.org

Make WordPress Core

Changes between Version 1 and Version 2 of Ticket #36936, comment 7


Ignore:
Timestamp:
05/25/2016 04:27:10 AM (3 years ago)
Author:
dd32
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #36936, comment 7

    v1 v2  
    11FWIW, the issue at play here isn't exactly read/write, it's the ability for the upgrade to happen in a way that the user can modify the files after the upgrade has occurred, and the web server can still serve them. It's possible for PHP to write a file to disk, be able to read it, but have the web server say "Nope! 403!" to someone who then tries to view that file.
    22
    3 WordPress operates on so many server configurations, and with PHPs very little suport/insight into the ACLs on both Windows and Linux leaves us with having to code for the lowest common denominator.
     3WordPress operates on so many server configurations, and with PHPs very little support for/insight into the ACLs on both Windows and Linux leaves us with having to code for the lowest common denominator.
    44That means that yes, we have to keep in mind PHP safe mode, we need to keep in mind linux ACLs, we need to keep in mind linux systems not using ACLs, Windows 2000~2010 servers, Unix servers, Mac servers.. etc, but then we also have to keep in mind FTP applications running upon those, which yes, a significant portion of WordPress users have as their only access to their WordPress files and hosting account.
    55