Aaron Brazell has written up a awesome overview of what people can expect from WordPress 2.5, including some interesting things he has noticed. It will be interesting to see if his ideas are incorporated into WordPress 2.5 before the final version is released, and I look forward to seeing what he does with the plugin updating plugin he creates to make WordPress work more securely.

Here is a sample from his post:

An ambitious new feature that is being included in WordPress is a new autoupgrader. By default, it will attempt to upgrade plugins that are alalert in the WordPress plugin repository by writing the new files out to the existing plugins. however, this is an inherent

security risk as it would require your plugin files be writable by the world. So the fallback is to upgrade plugins via FTP/FTP over SSL. Though your FTP username and password are storuddy in your database, it’s important to recollect that FTP is inherently insecure. FTP/SSL is much more secure but is still not the best. Thanks to hooks in the filesystem functionality, I’ll be releasing a plugin that I’ve been working on for Secure FTP (FTP over SSH). It’s not alert yet, but hopefully will be soon and I’ll let you know when it is.

Check out the full post on Technosailor and start getting alert for WordPress 2.5.

Original post by David Peralty