On Monday 07 May 2007 21:08, Bernd Zeimetz <[EMAIL PROTECTED]> wrote: > imho the wordpress packaging should be changed in a way to allow the > user to drop their plugins/themes into /var/lib/wordpress/../ instead of > trying to package plugins and themes.
Making it a configuration option to allow the user to install plugins and themes would be a reasonable thing to do. But packaging commonly used plugins and themes would be much more useful to most sys-admins. > Due to the nature of php and > wordpress, the code is hard to maintain in general, and many plugins are > a mess of code and often they open security related holes in your WP > installation. Maintaining a collection of plugins for WP sounds like a > nightmare for me. This is precisely why you want to have a set of packaged plugins which have some minimal quality standards! I am not a PHP programmer so I can't audit the code for security issues. I can however test the cost to make sure that it works and package it so that the files end up in the correct locations, data files that are created with the correct permissions to allow Apache to access them, and that configuration is not overly difficult. Getting the entire collection of Wordpress plugins (or any significant sub-set) audited for security issues seems quite unlikely. Getting a smaller collection of plugins which are packaged for Debian audited in such a manner would be much easier and therefore much more likely. I don't think that I am the ideal person to maintain such packages, but someone has to do it and I'm prepared to make a start. I would be happy to give the packages to someone with more PHP experience if asked. -- [EMAIL PROTECTED] http://etbe.coker.com.au/ My Blog http://www.coker.com.au/sponsorship.html Sponsoring Free Software development -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
