[wp-trac] Re: [WordPress Trac] #7779: Automatic plugin upgrade
doesn't detect the effective uid correctly.
WordPress Trac
wp-trac at lists.automattic.com
Wed Oct 15 00:14:05 GMT 2008
#7779: Automatic plugin upgrade doesn't detect the effective uid correctly.
-------------------------------+--------------------------------------------
Reporter: jamuraa | Owner: DD32
Type: defect | Status: closed
Priority: normal | Milestone:
Component: Administration | Version: 2.6.1
Severity: normal | Resolution: invalid
Keywords: reporter-feedback |
-------------------------------+--------------------------------------------
Changes (by DD32):
* status: new => closed
* resolution: => invalid
Comment:
{{{
webserver runs as user www-data
files are owned by jamuraa
webserver runs the php script as user www-data
getmyuid() returns jamuraa
posix_getuid() returns www-data
$temp_file gets written with owner www-data
}}}
Then the idea was, That you should '''not''' use the Direct FS access
because files created by the web server are not owned by the same user
that owns the WordPress files, It creates headaches when a user comes
along and wants to delete a file via FTP, and finds that, because they're
running as user xyz and not www-data, they cant delete files out of their
own directory.
Now, Some Server setups are as such that users CAN delete files created by
the web server(because the group bits are set correctly & the user is part
of the group), but there are a number which disallow it as well.
If you want to force Direct FS access rather than FTP, You may do so by
returning 'direct' on the filter [http://trac.wordpress.org/browser/trunk
/wp-admin/includes/file.php#L610 filesystem_method] I'll get around to
releasing a plugin which can override all the FS defaults at some stage..
--
Ticket URL: <http://trac.wordpress.org/ticket/7779#comment:6>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list