Hacker News new | past | comments | ask | show | jobs | submit login

Self-updating means that WordPress needs to be allowed to write to more places than just the "uploads" directory. Which is frightening, and a security risk.



Yes, but non-self-updating means tons and tons of sites run by lazy people end up sitting out there on ancient, known-compromised versions of WordPress forever, which is also a security risk (and arguably a bigger one).




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: