A quick glance at the WP site docs didn't answer the question of how (or
if) they secure this process. Asking would probably be good (whoever's doing the updater work).
I've been looking at how WP works here and concluded this is basically not documented at all (from a developers perspective). On the WP IRC nobody seems to know anything about it, and my looking through the code itself has gotten me few insights into how updates and installation is secured. If anyone know more about this (esp what's up with the WP deployment repository), please contact me, this would be of great help for my GSoC project.
-- Jeroen De Dauw * http://blog.bn2vs.com * http://wiki.bn2vs.com Don't panic. Don't be evil. 50 72 6F 67 72 61 6D 6D 69 6E 67 20 34 20 6C 69 66 65! --