[wp-trac] [WordPress Trac] #17277: Security needs need to be clearly documented
WordPress Trac
wp-trac at lists.automattic.com
Fri Apr 29 14:20:43 UTC 2011
#17277: Security needs need to be clearly documented
-----------------------------+-----------------------------
Reporter: novasource | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Upgrade/Install | Version: 3.1
Severity: normal | Keywords:
-----------------------------+-----------------------------
Since WordPress now has self-updating capabilities, most, possibly all, of
WordPress files need to be writable by the Apache process.
http://codex.wordpress.org/Changing_File_Permissions makes no mention of
permissions that allow self-updating. Following that pages's advice
literally, the updater process would always fail to update and take people
to that goofy "enter your FTP credentials" page.
Some Google searching does not come up with a definitive answer.
For the sake of communicating best practices, please update
http://codex.wordpress.org/Changing_File_Permissions so that it explains
the recommended permissions needed to auto-update WordPress.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/17277>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list