Last modified: 2010-05-15 15:33:54 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T3003, the corresponding Phabricator task for complete and up-to-date bug report information.
Bug 1003 - set_time_limit() has been disabled for security reasons
set_time_limit() has been disabled for security reasons
Status: RESOLVED WORKSFORME
Product: MediaWiki
Classification: Unclassified
Installer (Other open bugs)
1.4.x
PC FreeBSD
: Normal normal (vote)
: ---
Assigned To: Nobody - You can work on this!
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2004-12-04 19:57 UTC by Sven
Modified: 2010-05-15 15:33 UTC (History)
0 users

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Attachments

Description Sven 2004-12-04 19:57:20 UTC
Seems some code is still not fixed to work with tightly secured systems.

Installation result:

Warning: set_time_limit() has been disabled for security reasons in
/usr/export/www/vhosts/funnetwork/hosting/fnleisurehacker/mediawiki-1.4beta1/install-utils.inc
on line 27
# PHP 4.3.9: ok
# Warning: PHP's register_globals option is enabled. MediaWiki will work
correctly, but this setting increases your exposure to potential security
vulnerabilities in PHP-based software running on your server. You should disable
it if you are able.
# PHP server API is apache; ok, using pretty URLs (index.php/Page_Title)
# Have XML / Latin1-UTF-8 conversion support.
# PHP's memory_limit is 32M. If this is too low, installation may fail!
# Have zlib support; enabling output compression.
# Turck MMCache not installed, can't use object caching functions
# Found GD graphics library built-in, image thumbnailing will be enabled if you
enable uploads.
# Installation directory:
/usr/export/www/vhosts/funnetwork/hosting/fnleisurehacker/mediawiki-1.4beta1
# Script URI path: //mediawiki-1.4beta1

SecureSSI: Das Script
(/usr/export/www/vhosts/funnetwork/hosting/fnleisurehacker//mediawiki-1.4beta1/config/index.php)
hat versucht ausserhalb von ihrem Userverzeichniss auf die Datei /dev/urandom
zuzugreifen.
Dies ist nicht erlaubt!
# Warning: $wgProxyKey is insecure

Warning: ini_set() has been disabled for security reasons in
/usr/export/www/vhosts/funnetwork/hosting/fnleisurehacker/mediawiki-1.4beta1/config/index.php(398)
: eval()'d code on line 7
# MySQL error 1045: Access denied for user: 'root@localhost' (Using password: NO)
# Trying regular user... ok.
# Connected to database... 4.0.22-log; enabling MySQL 4 enhancements
SecureSSI: Das Script
(/usr/export/www/vhosts/funnetwork/hosting/fnleisurehacker//mediawiki-1.4beta1/config/index.php)
hat versucht ausserhalb von ihrem Userverzeichniss auf die Datei /dev/urandom
zuzugreifen.
Dies ist nicht erlaubt!
# Warning: $wgProxyKey is insecure
# Database ********** exists
# Creating tables... done.
# Initializing data...
# Created sysop account *******.
#

Initialising "MediaWiki" namespace...
Clearing message cache...Done.

Creating LocalSettings.php...

Success! Move the config/LocalSettings.php file into the parent directory, then
follow this link to your wiki.
Comment 1 Antoine "hashar" Musso (WMF) 2004-12-04 20:00:50 UTC
Looks like the installation completed successfuly. The time limit
raise is only needed when the installation need to upgrade the
database.

Just:
 mv ./config/LocalSettings.php .

And it should be fine ;o)

Note You need to log in before you can comment on or make changes to this bug.


Navigation
Links