[wp-trac] [WordPress Trac] #15088: Reduce Remote Dependency of the Network Admin
WordPress Trac
wp-trac at lists.automattic.com
Fri Mar 18 12:28:24 UTC 2011
#15088: Reduce Remote Dependency of the Network Admin
--------------------------------------+-----------------------
Reporter: hakre | Owner:
Type: feature request | Status: reopened
Priority: normal | Milestone:
Component: General | Version: 3.0
Severity: normal | Resolution:
Keywords: needs-patch dev-feedback |
--------------------------------------+-----------------------
Comment (by dd32):
> that if /dev/urandom is available on the local system, the remote
request would not be necessary at all?
It's not as simple as that.
Yes, If a true random source is available locally, then a remote request
would not be required.
However, A significant proportion of !WordPress installations are in
environments where !WordPress are unable to either a) determine if they
have a random source available and accessible or b) unable to rely upon
said random source.
Many installations will block access to files outside of certain
directories, and is_readable() is not always reliable (Causing either a
Warning/Notice to be issued at the time of checking, or upon actually
accessing file after is_readable has given the all clear).
It comes down to reliability and ensuring that all users get the best
possible security available to them.
In the standard wp-config.php generator, we offer the ?no-api call to
bypass remote API calls, I'm not sure if something similar is offered for
the Network Creator.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/15088#comment:11>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list