[wp-trac] [WordPress Trac] #10205: getmyuid() called instead of posix_getuid() in get_filesystem_method() (wp-admin/includes/file.php)

WordPress Trac wp-trac at lists.automattic.com
Mon Feb 21 21:27:06 UTC 2011


#10205: getmyuid() called instead of posix_getuid() in get_filesystem_method() (wp-
admin/includes/file.php)
------------------------------------+-----------------------------
 Reporter:  pgl                     |       Owner:  dd32
     Type:  enhancement             |      Status:  reopened
 Priority:  normal                  |   Milestone:  Future Release
Component:  Filesystem              |     Version:  2.8
 Severity:  normal                  |  Resolution:
 Keywords:  has-patch dev-feedback  |
------------------------------------+-----------------------------

Comment (by Aikar):

 also, I understand wordpress is trying to display the FTP login method
 instead of direct under any possible condition for failure, but to
 disconvenience users who have a more proper server setup is not a good
 idea.

 My server permissions are setup so that the web user will always have
 access to files, and multiple users can edit files over SSH/SFTP, so the
 files can be owned by diff people.


 If the user has write permissions to a directory, it doesnt matter if they
 are the owner or not.

 checking the owner does not change the fact of do they have permissions or
 not.

 they could have owner on wp-content and not on wp-content/themes and pass
 the check, but it doesnt change anything.

 Simply removing that line and use fs method = direct if the user has write
 permissions will be more flexible.

 This current line says "hey, you have write permissions, but im going to
 fail you anyways". it doesnt make sense to me. PHP has full write access
 to a directory yet WP is denying it.

 I dont like the idea of having to tell everyone i host websites for they
 have to add a line to wp-config.php in order to use any auto update
 feature (I dont have FTP on my server anyways...)

 If you really want to be safe, wordpress could simply scan the entire
 directory tree and ensure write permissions to all directories it needs
 access to before attempting install, then prompt FTP if it had issues in
 any directory, and alert user why its asking for FTP instead of just
 installing.

 We dont need any of this posix_getuid or getmyid() stuff

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/10205#comment:15>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list