Last modified: 2014-08-16 10:26:30 UTC
[[mw:Extension:ViewFiles]] implements the Special:ViewFiles page, important for allowing users to view LocalSettings.php.
(In reply to Nathan Larson from comment #0)
> [[mw:Extension:ViewFiles]] implements the Special:ViewFiles page, important
> for allowing users to view LocalSettings.php.
It looks like you wrote [[mw:Extension:ViewFiles]]. If merged into core, this feature would need to be permanently disabled with a very explicit warning attached to it due to the security implications, as I understand it. Broadly, I imagine we want a better long-term solution for viewing and managing MediaWiki configuration.
In order for this ticket to move forward, I'd like to first see evidence that the ViewFiles MediaWiki extension is widely installed or that there's a great demand from MediaWiki system administrators and users to have this "view [configuration] files" feature almost always available (at the flick of a switch). I think it will be difficult to meet this burden, so I'm marking this bug as unconfirmed for now.
I think UNCONFIRMED would be for if we weren't certain whether it's unmerged. In other words, a question of fact rather than an opinion as to the likelihood that it should be WONTFIXed. This was discussed (briefly) at [[mw:Talk:Bug management/Bug report life cycle]]; feel free to weigh in there on the more general question of how UNCONFIRMED should be used.
Perhaps ViewFiles could be made smart enough to tell whether sensitive configuration settings, e.g. $wgDBpassword, are exposed in the config file. It could look for, e.g., the string $wgDBpassword = ". If that string is present, then it could, by default, not allow the file to be viewed. Alternatively, there could be a config setting, $wgViewFilesEnabled, that would by default be set to false.
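One way to implement the check suggested in the last comment, as an added example that is not part of the thread or of the ViewFiles extension: it tokenizes the file with PHP's token_get_all() instead of searching for one literal string, so other quoting, spacing and other secret-bearing settings are caught as well. $wgViewFilesEnabled is the setting proposed above; the function names and the sample file contents are constructed.

```php
<?php
// Added example, not ViewFiles code. Function names and sample input are constructed.

// Real MediaWiki settings that hold secrets; extend the list as needed.
const SENSITIVE_SETTINGS = [
	'$wgDBpassword', '$wgDBadminpassword', '$wgSecretKey', '$wgUpgradeKey', '$wgSMTP',
];

/** Return the sensitive variables that the given PHP source assigns a value to. */
function findSensitiveAssignments( string $source ): array {
	$tokens = token_get_all( $source );
	$skippable = [ T_WHITESPACE, T_COMMENT, T_DOC_COMMENT ];
	$found = [];
	foreach ( $tokens as $i => $token ) {
		if ( !is_array( $token ) || $token[0] !== T_VARIABLE
			|| !in_array( $token[1], SENSITIVE_SETTINGS, true )
		) {
			continue;
		}
		// Skip whitespace and comments, then require a plain "=" (an assignment).
		for ( $j = $i + 1; isset( $tokens[$j] ); $j++ ) {
			$next = $tokens[$j];
			if ( is_array( $next ) && in_array( $next[0], $skippable, true ) ) {
				continue;
			}
			if ( $next === '=' ) {
				$found[$token[1]] = true;
			}
			break;
		}
	}
	return array_keys( $found );
}

/** Default-deny: viewable only if the feature is switched on and no secret is assigned. */
function mayViewFile( string $source, bool $viewFilesEnabled = false ): bool {
	return $viewFilesEnabled && findSensitiveAssignments( $source ) === [];
}

// Constructed sample: single quotes and no spaces around "=", so a search for the
// literal string '$wgDBpassword = "' would miss it. The last line is a comment.
$sample = "<?php\n\$wgSitename = 'Example';\n\$wgDBpassword='hunter2';\n# \$wgSecretKey = 'x';\n";
$harmless = "<?php\n\$wgSitename = 'Example';\n";

var_dump( findSensitiveAssignments( $sample ) );
var_dump( mayViewFile( $sample, true ) );
var_dump( mayViewFile( $harmless, true ) );
var_dump( mayViewFile( $harmless ) );
```

The check does not see secrets set through $GLOBALS['wgDBpassword'] or pulled in from another file with require/include, so it narrows the exposure rather than replacing the off-by-default switch.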