Technosailor’s WordPress 2.5 Overview
Aaron Brazell has written up a great overview of what people can expect from WordPress 2.5, including some interesting things he has noticed. It will be interesting to see if his ideas are incorporated into WordPress 2.5 before the final version is released, and I look forward to seeing what he does with the plugin updating plugin he creates to make WordPress work more securely.
Here is a sample from his post:
An ambitious new feature that is being included in WordPress is a new autoupgrader. By default, it will try to upgrade plugins that are already in the WordPress plugin repository by writing the new files out to the existing plugins. however, this is an inherent security risk as it would require your plugin files be writable by the world. So the fallback is to upgrade plugins via FTP/FTP over SSL. Though your FTP username and password are stored in your database, itâ€™s important to remember that FTP is inherently insecure. FTP/SSL is much more secure but is still not the best. Thanks to hooks in the filesystem functionality, Iâ€™ll be releasing a plugin that Iâ€™ve been working on for Secure FTP (FTP over SSH). Itâ€™s not ready yet, but hopefully will be soon and Iâ€™ll let you know when it is.
Check out the full post on Technosailor and start getting ready for WordPress 2.5.