[theme-reviewers] Where is the line?
Emil Uzelac
emil at themeid.com
Sun Jun 26 02:15:19 UTC 2011
Bruce, it would be much easier to track and to respond on your messages if
they are not sent separately. "Where is the line?" and "Sorry, Otto, you
just don't get it". Please feel free to combine them into one. When
responding try to use the same system.
Cheers,
Emil
----
*Emil Uzelac* | ThemeID | T: 224-444-0006 | Twitter: @EmilUzelac | E:
emil at themeid.com | http://themeid.com
Make everything as simple as possible, but not simpler. - Albert Einstein
On Sat, Jun 25, 2011 at 8:57 PM, Bruce Wampler <brucewampler at gmail.com>wrote:
> I've read some comments that well implemented shared hosting sites don't
> have a problem with file ownership, which seems to be at the heart of the
> fopen issue.
>
> So, out of curiosity, why is it OK for the standard WP media library loader
> to upload files and have them owned by apache and not the user. Why doesn't
> it insist on using FTP as necessary? Seriously, why not?
>
> Why should themes be held to a higher standard than a fundamental part of
> WP - the media library?
>
> And in the big picture of the WP world, why have security issues taken over
> theme submission, when there are no controls whatsoever for plugins? The
> simple answer is that you have to start somewhere, but why are theme authors
> bearing the brunt of the issue? Why do I have to spend hours and hours of my
> (volunteer) time to understand the confusing WP file library, and then
> rewriting hundreds of lined of perfectly good code that uses fopen handles
> in creative ways (like to easily switch between file output and "echo"
> output with the same code), when many of the most popular plugins are
> subject to absolutely no reviews or standards whatsoever. If security is
> such an issue, then I suggest at least a little energy be diverted to
> getting control of plugins.
>
> --
> -----------
> Bruce Wampler, Ph.D.
>
> Software developer
> Creator of first spelling checker for a PC
> Creator of Grammatik(tm), first true grammar checker
> e-mail: bw at brucewampler.com
> blog: brucewampler.wordpress.com
>
> ______________________________**_________________
> theme-reviewers mailing list
> theme-reviewers at lists.**wordpress.org<theme-reviewers at lists.wordpress.org>
> http://lists.wordpress.org/**mailman/listinfo/theme-**reviewers<http://lists.wordpress.org/mailman/listinfo/theme-reviewers>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wordpress.org/pipermail/theme-reviewers/attachments/20110625/0bd86f79/attachment.htm>
More information about the theme-reviewers
mailing list