[development] RFC: letting modules phone home to check for new releases
sammys-drupal at synerger.com
Wed Nov 22 01:54:23 UTC 2006
While I agree with Derek about the security issues there can be
ways around it.
For example, functions that perform the update do so only when a file
(in the site root directory) contains some random characters chosen by
the system for that upgrade session. The file must be manually created
prior to the upgrade though a way to generate the file is provided. The
administrator can only download to their computer and then upload to
Derek is absolutely wright (sic) that security is a BIG issue. I'd also
not use it without measures similar to the above.
Synerger Pty Ltd
On 21-Nov-06 17:25, Derek Wright wrote:
> On Nov 21, 2006, at 10:13 AM, Oswald Jaskolla wrote:
> >So, what do you think?
> i hope you don't take this personally, by i'm *very* opposed to the
> kind of system you're building.
> the security implications of giving your website permission to
> overwrite itself automatically are *HORRIFYING*. i'd never install
> such a thing, and i'd never advocate anyone else should install such
> a thing.
> the kind of system i'm building is just an automated way to tell the
> human site admins: "your code is out of date" (and if true, "and
> insecure") and nag them mercilessly until they upgrade the stale
> module(s) to the latest, secure version(s). it's still the human's
> task to perform the upgrade itself.
> this manual upgrade could itself be further automated, but a high-
> privileged admin user must run this automated script themselves, just
> like they have to run update.php themselves. building and providing
> a tool that can "do it all" for you is asking for security hell, and
> therefore defeats the purpose of what i'm trying to accomplish (make
> it easier and therefore more likely for drupal sites to remain secure).
> anyway, i'm willing to coordinate, and further discuss design/
> implementation issues, but i can't emphasize enough how bad i think a
> fully-automated system for upgrading a drupal site would be.
> maybe i'm misunderstanding your design/proposal, but after re-reading
> your message a few times, it's pretty clear you're marching down the
> path towards what i'd consider "the dark side". ;)
More information about the development