Could everyone just stop producing these modules? If your webserver can write files that are executed by the webserver, that's a security risk. If there is a minor exploit, this can turn it into a critical one. The proper way to do is to use FTP/SSH/whatever wrappers of PHP5 to FTP/SSH back to your server and thus write files over. Never store the password, ask it each time. This way security is kept and yet semi-automated updates are possible.
Commenting on this Story is closed.