[development] RFC: letting modules phone home to check for new releases
Derek Wright
drupal at dwwright.net
Wed Nov 22 01:25:11 UTC 2006

On Nov 21, 2006, at 10:13 AM, Oswald Jaskolla wrote:
> So, what do you think?

i hope you don't take this personally, but i'm *very* opposed to the
kind of system you're building.

the security implications of giving your website permission to
overwrite itself automatically are *HORRIFYING*. i'd never install
such a thing, and i'd never advocate anyone else should install such
a thing.

the kind of system i'm building is just an automated way to tell the
human site admins: "your code is out of date" (and if true, "and
insecure") and nag them mercilessly until they upgrade the stale
module(s) to the latest, secure version(s). it's still the human's
task to perform the upgrade itself.

this manual upgrade could itself be further automated, but a high-
privileged admin user must run this automated script themselves, just
like they have to run update.php themselves. building and providing
a tool that can "do it all" for you is asking for security hell, and
therefore defeats the purpose of what i'm trying to accomplish (make
it easier and therefore more likely for drupal sites to remain secure).

anyway, i'm willing to coordinate, and further discuss design/
implementation issues, but i can't emphasize enough how bad i think a
fully-automated system for upgrading a drupal site would be.

maybe i'm misunderstanding your design/proposal, but after re-reading
your message a few times, it's pretty clear you're marching down the
path towards what i'd consider "the dark side". ;)

sorry,
-derek