quocble

For local security:
* passwords are not kept in files/db
* It is hosted on a dedicated machine.
No other users can login in.
* Reposititory Files are kept in secured database,
not flat files that could easy be changed without
a way to track them.

Remote security:
* downloadable package identical to the one that is used to install including md5 checksum. (Otto42)

To answer your trust question:
When I did this, I had those thoughts in mind. There is going to be a GROUP/BOARD who will validate any installations that becomes available on the website.

I see this as no difference with repository sites for yum and apt-get. There are many of them around by the way.

You trust your webhost right? You trust them not to go through your personal stuff on your site and your emails. I am a webhost too. My company runs more than 700 sites.

I could of just added WordPress to the installers available my control panel but I wanted to do something that will benefit for everyone no matter who they’re hosted with. This new installer is standarized, you can make own project through a web interface – and customize it the way you want it. So we can build a much bigger list of software you can easily install from, not just 5-10 ussually available from webhosts.

Otto42, would that be acceptable? Or what else do you suggest.?

Passwords are not kept in the database but only for the duration if the installation. But, it’s a tradeoff for the installer to be able to install on your webhosting account. This installer is meant to work for any webhosting account not just cpanel, plesk..etc.

The program only works within it’s scope. That means it only upload & create files/db that is within its “Application Directory”.

I also own a web hosting company called […]. Over 700 websites have been hosting with us. So, we do take security seriously. If you guys are still curious, I can give free accounts to play around with 🙂

—
Quoc Le