| Anonymous | Login | 2024-12-22 00:04 MST |
| Main | My View | View Issues | Change Log | Roadmap | Repositories |
| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | ||||
| 0001855 | ClearOS | app-webapp - Web App Engine | public | 2014-07-13 17:03 | 2020-09-03 04:25 | ||||
| Reporter | marclaporte | ||||||||
| Assigned To | |||||||||
| Priority | low | Severity | feature | Reproducibility | N/A | ||||
| Status | closed | Resolution | suspended | ||||||
| Platform | OS | OS Version | |||||||
| Product Version | |||||||||
| Target Version | Fixed in Version | ||||||||
| Summary | 0001855: How to deal with PHP apps which can be updated via the web interface by the admin user? | ||||||||
| Description | Some web apps like WordPress, Joomla! and Piwik can be updated by the site admin via the web interface. In the case of WordPress and Joomla!, you can also update extensions via the web interface (I don't know about Piwik). For this to work: * In some cases, the PHP user must be able to write files. * In other cases, the user enters the FTP password and PHP uses this to write to itself. These 2 cases have security implications. A counter example is Tiki. Tiki does not attempt to update itself via the web interface and relies on an external process (FTP or SVN), a 1-click installer (like what we have in ClearOS) or TIM (Tiki Instance Manager, a command line tool). ClearOS will eventually handle upgrades. One thing to think about is what happens if ClearOS does the install, but then, the application is updated on its own. How to avoid issues? How to deal with the diversity? Thanks! | ||||||||
| Tags | No tags attached. | ||||||||
| Attached Files | |||||||||
 Relationships |
|
 Relationships |
|
Notes |
|
|
(0001234) user2 2014-07-14 08:56 |
This will be handled on an app-by-app basis since it's wild west when it comes to upgrades for web-based applications. For the same wild west reasons, we can't really use standard packaging (RPM, debs) to deliver updates. If feels like we're stepping back in time into the old Windows era where every piece of software (Java, Adobe PDF, Firefox) has its own different upgrade tool. It would be nice to be able to use a central repository for this, but doing: yum upgrade wordpress ... is not practical. When a user initializes Tiki, Wordpress, etc on ClearOS, the upstream zip is unpacked into a web document root. From that point, it's up to the web application to provide an upgrade tool. |
|
(0014591) NickH (developer) 2020-09-03 04:25 |
Migrated to https://gitlab.com/clearos/clearfoundation/app-webapp/-/issues/1 [^] |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2014-07-13 17:03 | marclaporte | New Issue | |
| 2014-07-14 08:45 | user2 | Status | new => acknowledged |
| 2014-07-14 08:56 | user2 | Note Added: 0001234 | |
| 2020-09-03 04:25 | NickH | Note Added: 0014591 | |
| 2020-09-03 04:25 | NickH | Status | acknowledged => closed |
| 2020-09-03 04:25 | NickH | Resolution | open => suspended |
|
Issue History |