After my recent rant here:
I was thinking, don’t you guys think it’d be better to run Magento Connect via FTP rather than PEAR?
Using PEAR makes files world-writable and there is a definite security risk.
I know Drupal has options to perform upgrades etc… by utilizing FTP, perhaps this is something Magento can follow suit on.
Is there a good reason why you guys chose the PEAR route rather than the FTP route?