[wp-hackers] [Suggestion] Relocate some installation/upgrading files
Goghs Cheng
chenggao at gmail.com
Tue Jun 22 08:29:28 UTC 2004
The existed file hierarchy of WP (including cvs) places those
installation/upgrading/data-importing related files under wp-admin/
directory directly. Personally I think it's not a good idea.
Obviously many users, especially new users who dont understand WP too
much, may leave those files as they are after installation or
upgrading. Because these files have intensive database operations, if
there is any potential security problem in these files, entire WP
installation may compromise.
For those scripts used to import data from other blog tools, they are
only onetimer if used.
So my suggestion is to put them in separate directory or directries as
wp-install, wp-tool etc.
And WP manual should instruct users to delete this(these)
directory/directories after installation/upgrading/importing.
BTW, I have a question, that's why we need directory names as
wp-admin/, wp-include/? Why not admin/, include/? For a WP
installation, wp- prefix seems redundant.
More information about the hackers
mailing list