[wp-trac] [WordPress Trac] #24700: Permission check prevents detection of 'direct' installation method for plugins
WordPress Trac
noreply at wordpress.org
Sat Jul 6 13:55:08 UTC 2013
#24700: Permission check prevents detection of 'direct' installation method for
plugins
--------------------------+-----------------------------
Reporter: dennisjac | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 3.5.2
Severity: normal | Keywords: has-patch
--------------------------+-----------------------------
I run a Wordpress installation where permissions are primarily handled
using groups and not users. Unfortunately in order to determine whether
the 'direct' plugin installation method can be used the code checks not
only if the directory is writable but also if it has the same UID as the
executing user. This restriction isn't necessary and actually prevents
users unnecessarily from using the 'direct' method even though they should
be able to.
I attached a patch that fixes this issue. After applying the patch I can
install plugins using the 'direct' method even when the folder doesn't
belong to the apache user but write access is granted using group
permissions.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/24700>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list