On Mar 27, 2007, at 9:48 AM, Jakub Suchy wrote:
* when the user approves the updates, a privileged cron script performs the updates at the next scheduled time. This script could also be run manually, but the idea would be that if you ever invoked it via drupal, you'd have to specify credentials.
Hi, this is unacceptable, because most of the users running shared hosts don't have access to privileged cron scripts.
Is this statement still true if you think of a "priviliged cron script" as simply one that isn't run by apache and therefor has write access to the drupal directories? I wasn't talking about root here. My provider certainly allows this. The FTP approach also has possibilites, but I'm not sure how well it would work given our packaging systems. I'd love to figure out how drupal can have a hook that "prompts for credentials" and then runs a process as a different user. I'll continue to be trying to figure out a way to make this work... Dave