PHP Security Tweaks
Mike McGrath
mmcgrath at redhat.com
Mon May 26 03:29:14 UTC 2008
On Sun, 25 May 2008, Jeffrey Tadlock wrote:
> On Sat, May 24, 2008 at 10:18 PM, Jeffrey Tadlock <linux at elfshadow.net> wrote:
> > 'open_basedir' is causing issues with the user's page (i.e. clicking
> > the jeffreyt link at the top of the page), when it is enabled it just
> > goes to a blank page. The same happens with the Infrastructure page
> > as well. Everything else seemed to work well with it enabled. I will
> > play with that on a vanilla install at home and see what is up with
> > that.
>
> I think I have this working now. I needed to add /usr/share/pear to
> the open_basedir list. The things I saw broken because of that last
> night now appear to be working. It is now enabled on publictest2.
>
> If I am not around and it turns out it is causing issues somewhere
> else, you can just comment it out in /etc/php.ini and bounce Apache
> and you'll be good to go.
>
> > If something has broken and I missed it, feel free to ping me (iWolf)
> > on IRC. If I am not around you can grab the original php.ini file
> > from my home directory under the php-sec directory. Just copy it to
> > /etc/php.ini and bounce apache and you will be back to the way it was
> > before I made the changes. Please let me know if you need to do that
> > though, so I can look at it further.
>
> Same applies. I have some garden work to do this afternoon, so if I
> am not around, you can copy the original php.ini from my home
> directory under the php-sec directory to /etc/php.ini and bounce
> apache to be back to the original way it was before I made changes.
> Just let me know if you end up needing to do that so I can look at it
> further.
>
Thanks for looking in to this stuff, once we're sure its all working right
we can get that in to puppet and deploy it on our new mediawiki hosts.
-Mike
More information about the Fedora-infrastructure-list
mailing list