OpenID is a go, it appears

Last night I had an idea. And typically for me, I couldn’t sleep properly as I kept trying to remind myself about the idea. I should have gotten up and tried it, but if it hadn’t worked I would have gotten even less sleep.

Anyway, the problem I was having with the OpenID plugin is that I forgot to make the plugin’s temp directory group writable. Most people seem to be ok with just making all their blog files writable by the web server, but I worry about the number of security holes that seem to pervade PHP applications so I make all the WordPress files belong to the user “blog” and only the ones that the web server has a legitimate reason to write belong to the group “www-data” and are group-write. When I installed this plugin, I made the tmp directory belong to the group “www-data”, but I forgot to “chmod g+rwx” on it. Duh. Even more “duh” worthy, I see that the plugin page has a FAQ that has that as item 1.

It seems to be working now. Let me know if you can’t comment.

8 thoughts on “OpenID is a go, it appears”

  1. Groovy! I really should go fix mine, not that I post anything all that often. I really like the idea of identity trust and sharing rather than creating new accounts everywhere.

    AOL’s providing AIM users with OpenID identities as well—I hope that helps OpenID catch on.

  2. Let us try this. Also, one thing that is a minor nit is that the ‘comments’ image doesn’t have height and width attributes, so for those of us who use the image placeholders on our friends page, the comments image comes up with a placeholder. If you use the height and width attributes, it’ll pop up.

Comments are closed.