Package: wordpress Version: 2.0.4-2 Severity: wishlist
I'm still trying to create such a patch, however by default wordpress uses the ABSPATH to locate themes, which is great for a single site since since no one else can gain access to another users themes. In fact in the Debian readme it even suggests to copy users themes into the shared documents. What I'm suggesting is a few changes through out the code to add a new THEMEPATH which will be one directory below in user space. For example say I have a user example with a domain example.com, and I have the directory structure setup as: /home/users/example/example.com which is a symlink to /usr/share/wordpress in /home/users/example I store a copy of wp-config.php and /home/users/example/wp-content/themes/ has 2 symlinks to the default themes, although you could just symlink any others in the shared directory. This should over come security problems with having /etc/wordpress and it's configuration files (as per readme directions) read/write by any apache process, since those files contain username and password information the current system is highly undesirable. -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.4.27-2-386 Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8) Versions of packages wordpress depends on: ii apache [httpd] 1.3.33-6sarge2 versatile, high-performance HTTP s ii mysql-client-5.0 [vir 5.0.24-0.dotdeb.0 mysql database client binaries ii php4 4:4.4.4-0.dotdeb.1 server-side, HTML-embedded scripti ii php4-mysql 4:4.4.4-0.dotdeb.1 MySQL module for php4 -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
