Comments on: WPAU security fixes released

By: Tomas

Tomas — Sat, 15 Sep 2007 12:23:41 +0000

Hello!

I have one question:

how plugin operate if there are changes in WordPress file structure?

Does it delete unused or moved files and folders?

Tomas

By: ovidiu

ovidiu — Thu, 13 Sep 2007 21:36:03 +0000

being on debian I do a chown -R myuser:www-data /public_html so my user is the owner and www-data debians user for apache2 is the owning group. then chmod -R 775 /public_html

so this should be enough for the plugin, but it does not work, I have to do a chown www-data:www-data for it to work.

could you please refine your checks or tell me why it doesn’t work like I described? any other plugin that needs to write to my public_html directory works with this setup…

By: ovidiu

ovidiu — Wed, 12 Sep 2007 11:29:29 +0000

hi there.
I have one site where it always tells me the web server is not allowed to write to that directory. which is wrong. can you explain how your plugin checks for this?

By: Ganadores del concurso: Wordpress Plugin Competition (conclusiÃƒÂ³n: no descargar hasta que salgan parches que arreglen el problema)

Tue, 28 Aug 2007 02:16:47 +0000

[...] Link a la versiÃƒÂ³n actualizada ActualizaciÃƒÂ³n 2: Revisando el post de los ganadores en weblogs, me encuentro con una respuesta de Mark, el “de la pÃƒÂ¡gina”, que dice lo siguiente: Estoy de acuerdo con Eduo pero agradezco el tiempo que David se ha tomado para informarnos. Los problemas de seguridad con los plugins estÃƒÂ¡n limitados solamente a usuarios que estÃƒÂ©n logeados, pero deberÃƒÂan ser reparados. Dado a que el autor original de la vulnerabilidad ha dicho que ha contactado a los autores, deberÃƒÂamos tener versiones parchadas pronto. [...]