[wp-hackers] Are depreciated items ever removed from core

Simon Prosser pross at pross.org.uk
Thu Dec 6 20:45:03 UTC 2012


Why not make the file immutable with chattr?

On 6 December 2012 17:52, CloudPress Hosting
<cloudpresshosting at gmail.com> wrote:
> Let me restate this...your "security issue" about users bring able to
> modify or read my code via their own script or being able to unhook it is
> not a concern, accidental deletion was the issue i am trying to avoid.
>
> In fact if that was a concern i could just as easily use a core hack to
> include my code to avoid unhooking and use regular scans to detect and
> reverse any modifications. Using myhacks was a way to avoid hacking core as
> i was not aware of being able to change the mu-plugins directory. There is
> no need to be so defensive and adversarial.
> On Dec 6, 2012 2:08 AM, "Andrew Nacin" <wp at andrewnacin.com> wrote:
>
>> > The only concern with leaving it where the end user can access it is
>> being
>> > accidentally deleted i don't know why anyone would want our need to
>> effort
>> > it delete it from their own plugin code.
>>
>> My reply [1] said nothing about leaving it where you think the end user can
>> access it. It instead covered two things:
>>  1. A solution to your problem as you described it.
>>  2. Why your problem does not allow for a secure solution.
>>
>> [1]
>> http://lists.automattic.com/pipermail/wp-hackers/2012-December/044903.html
>> _______________________________________________
>> wp-hackers mailing list
>> wp-hackers at lists.automattic.com
>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>>
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers



-- 
My Blog: http://pross.org.uk/
Plugins : http://pross.org.uk/plugins/
Themes: http://wordpress.org/extend/themes/profile/pross


More information about the wp-hackers mailing list