[wp-forums] Security and Accountability

Matt matt at didcoe.id.au
Sun Mar 5 00:10:48 GMT 2006 

It's an issue which puts all of us in a difficult position.

However...I don't think getting angry and blaming everything on Matt
will help.

I don't answer a lot of posts anymore because I know I'm running the
risk of somebody coming back and saying that what they did screwed up
their whole hosting system.

I know what I'm doing and hopefully most other people do as well...

Wp-content being writable publically opens a whole new vaunerability
which I think needs to be looked at again.


> -----Original Message-----
> From: Podz [mailto:podz at tamba2.org.uk]
> Sent: Sunday, 5 March 2006 6:25 AM
> To: wp-forums at lists.automattic.com
> Subject: Re: [wp-forums] Security and Accountability
> 
> Podz wrote:
> > There are many hosts with many setups and as such WordPress
> > documentation cannot cater for all - so it approaches this by
catering
> > for none. It does this for the above reason and also for another -
so WP
> > cannot be blamed.
> > The fault is pushed to the user.
> > Yet no page at wordpress.org carries any advice on permissions.
> > The readme.html with the package carries no advice on permissions.
> > Codex carries no specific advice on permissions.
> 
> Two points.
> 
> 1 - As I cannot find anything even close to a readable answer in my
web
> searching, I'm not answering any permissions issues again. I encourage
> other moderators to also ignore such questions or to direct users to
> some page they may think is useful. The label 'moderator' may give the
> impression that advice is 'official'.
> 
> 
> 2 - Matt, as the lead developer of WordPress are you prepared to stand
> by every word of the documentation that covers security ?
> If you are, great. Your advice on improving it would be welcome.
> If you are not, I recommend that those pages in Codex are deleted.
> 
> P.
> _______________________________________________
> wp-forums mailing list
> wp-forums at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-forums
> 
> 
> --
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.1.375 / Virus Database: 268.1.2/274 - Release Date:
3/03/2006
> 

-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.375 / Virus Database: 268.1.2/274 - Release Date: 3/03/2006

More information about the wp-forums mailing list