[Pmwiki-users] Re: Call For Directory Simplicity
Christian Ridderström
chr
Fri Feb 13 22:00:21 CST 2004
On Fri, 13 Feb 2004, Patrick R. Michaud wrote:
> On Thu, Feb 12, 2004 at 07:41:42AM -0800, Steven Leite wrote:
> > Hope I'm not being nit-picky, but I figured, hey, since we're on a
> > roll and quickly approaching 1.0 release, might as well through the
> > topic out for discussion :)
>
> Just as a side comment, I don't know how close we are to a "1.0" release,
> and hitting a magic 1.0 number isn't a priority for me. At some point
> I'll decide that PmWiki has reached a 1.0 stage, but I'm not there yet.
Sometime in the future, I'd love to hear a rational motivation for why
it's ready for 1.0 ;-) PmWiki is definitely stable (as in usuable) *now*.
> > If not, then I think the core files should be
> > in the same directory (root directory?) as PmWiki.php.
>
> This is bad, because on many systems it would then be possible for someone
> to execute the scripts directly, without going through pmwiki.php. There's
> a *huge* potential for security holes if/when that happens.
[[Attach:somewhere]]
So a major reason for placing the auxiliary .php-files in a separate
directory is to prevent people from executing them independently? And the
same holds for .php-files in local/?
[[Attach:]]
/Christian
--
Christian Ridderstr?m http://www.md.kth.se/~chr
More information about the pmwiki-users
mailing list