[pmwiki-users] Pre-announcing 2.2.0 non-beta release

Oliver Betz list_ob at gmx.net
Tue Jan 20 03:56:00 CST 2009

John Rankin wrote:

>>>> one thing is probably very important: have some way to install major
>>>> cookbooks from a drop down list or checkbox
>>>This isn't likely to happen (the drop-down list or checkbox part),
>>>because we don't want the webserver to have write permission to
>>>the cookbook/ directory.
>>I agree with this. I'm basically happy with the current method of
>>cookbook installation.
>A small step could be to distinguish installation from activation.
>The installer could continue to install everything as before, but

I don't understand "everything as before".

>activation could be through a PmWiki page in SiteAdmin. When PmWiki

What is the problem to access and edit config.php by (S)FTP, SCP etc.?
It's only a matter of using the right tools. Using Windows, WinSCP and
Beyond Compare work _very_ well. PsPad, UltraEdit will also do the

So what you call activation could be simply removing a comment from a
line in config.php - if config.php already contained a list of "known
good" package.

But this still doesn't address the problem of "reliability".

If PM included calls to third party extensions in the PmWiki
distribution, this is a kind of recommendation and implies a certain
level of responsibility for flawless function.

Therefore the first (before adding "automatic" installation) step
should be a quality control or rating of PmWiki extensions. This would
be more beneficial for the unexperienced user than automatic

I'm much more concerned (and other should be also) about safety than
comfort: Will a certain recipe cause annoyances, unavailability, data
loss, or even open the door for a Black Hat?

The PmWiki core seems to be _very_ safe and trustworthy - it's widely
used but I don't know of severe security issues (no noticeable at all
in the last two years). But I don't know how secure the third party
extensions are.


More information about the pmwiki-users mailing list