[wp-trac] Re: [WordPress Trac] #5262: Theme editor should allow creation of files.

WordPress Trac wp-trac at lists.automattic.com
Fri Oct 26 16:32:31 GMT 2007


#5262: Theme editor should allow creation of files.
--------------------------------------+-------------------------------------
 Reporter:  youngmicroserf            |        Owner:  anonymous
     Type:  enhancement               |       Status:  new      
 Priority:  normal                    |    Milestone:  2.5      
Component:  Administration            |      Version:  2.3      
 Severity:  minor                     |   Resolution:           
 Keywords:  admin theme theme-editor  |  
--------------------------------------+-------------------------------------
Comment (by santosj):

 Yeah, they can still include the wp-config.php and totally pwn the server
 without their mad skillz.

 Creating files should only be allowed by FTP only. For security. Unless
 you like, want other people to be able to customize their stuff and use
 other themes. It might be a pain, but you know because I don't really.

-- 
Ticket URL: <http://trac.wordpress.org/ticket/5262#comment:3>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list