[development] RFC: letting modules phone home to check for new releases

Larry Garfield larry at garfieldtech.com
Wed Nov 22 04:55:51 UTC 2006

On Tuesday 21 November 2006 22:27, Derek Wright wrote:
> i want this to *help* the security team, not make our lives worse.
> that's why i'm reacting negatively.

Drupal 5 now has the ability to run from the command line, right?  So make the 
actual replace/upgrade process a command line only script.  Checking which 
new modules are available can and should be an automated process.  Actually 
doing the upgrade should be something you have go to well out of your way to 

For the sysadmins in the crowd, there's nothing wrong with putting "apt-get 
update" in your crontab.  "apt-get upgrade" should only be run by the 
sysadmin as root, by hand, and therefore when you know you're doing something 
dangerous. :-)

1) System auto-updates list of latest versions and lets you know if action is 
2) Admin goes to command line and runs drupal-get.php download
3) Admin sets site to offline.
4) Admin runs drupal-get.php backup
5) Admin runs drupal-get.php upgrade
6) Admin runs update.php (or that can be done automatically by #5 if it's 
7) Admin brings site back online.

The hard parts (downloading and unpacking) are all automated, but only when 
the admin is on the command line (and therefore running as the owner of the 
files anyway), and therefore (hopefully) knows exactly what he's doing.  Yes, 
this excludes people who are on a host that doesn't give them a shell.  Given 
the file permissions involved, I don't really know of a way around that.

*sits back to have the security holes pointed out in the above.* :-)

Larry Garfield			AIM: LOLG42
larry at garfieldtech.com		ICQ: 6817012

"If nature has made any one thing less susceptible than all others of 
exclusive property, it is the action of the thinking power called an idea, 
which an individual may exclusively possess as long as he keeps it to 
himself; but the moment it is divulged, it forces itself into the possession 
of every one, and the receiver cannot dispossess himself of it."  -- Thomas 

More information about the development mailing list