WHY THE FUCK IS THE UPGRADE UNZIP DIR HARDCODED IN WORDPRESS TO A LOCATION IN THE WEBROOT????????? It should be /tmp.... I always knew wordpress devs were... special...

  • 3
    To prevent OS specific behaviour.
  • 2
    Or perhaps it needs to run trusted code from there. Do you want to run trusted code from /tmp?
  • 0
    @Demolishun yes... It's secure by design and not part of backups by default.. even often self cleaning and faster. Drupal uses an API call to resolve tmp dir. Correct approach: onfigurable override, default os location, webroot if all fails
Add Comment