On 8/3/06, Tels nospam-abuse@bloodgate.com wrote:
On Friday 04 August 2006 00:15, Simetrical wrote:
Even if there were to be a Web interface, I don't think bureaucrats will be given privileges to execute arbitrary PHP code anytime soon.
This would be _very_ usefull for small wikis, where the admin could log in, and update/install extensions via an webinterface.
Yes, maybe, but not bureaucrats. But I'm not sure a web interface is so critical. How did you install the wiki software to start with without moving the files to the webserver, via FTP or otherwise? If your hosting provider gives you a GUI to add files to your directory from elsewhere, then go ahead and use it. If it doesn't, you'll have to use a command line, just like you did to install MediaWiki in the first place.
A web interface *would* still make things easier for the less technically-inclined, sure. But tying it to the wiki account is very dangerous, because it assumes that there are never going to be any bugs in the user login process that would allow an attacker to gain access. It would be *very bad* to allow arbitrary code to be downloaded and executed with the only security being the MediaWiki account logins; the security procedures just aren't up to it.