Rogutòs
No joy for clean install.
I did use my config.php file from other, but
edited it. There are no cookbook lines in it, but
it doesn't mean I didn't screw something else up.
I can send you the file if you want.
I've been over security docs and suggestions for
last hour or so - don't know if I really
understand it yet but getting there
On authuser it says:
"This site appears to have the authuser extensions enabled. "
So that part is not broken.
After I set a name and password there, such as
paul: (:encrypt myPassword:)
should I be able to edit the homepage with this login?
Or do I have to set group permissions or somewhere?
Thanks for your help,
paul
Paul Badger (2009-10-04 22:46):
These lines below seem to have fixed the upload problem with php 5.3.0.
# temprorary workaround for PHP 5.3 login issues
# pmwiki.org/wiki/PITS/01141
$_REQUEST[session_name()]=1;
I did have to set permissions on the upload folders at 777 though.
Any opinions on whether this represents a security issue?
The workaround line shouldn't have any security implications. At least
not more than running PHP 5.3.0 before the bugs are explained and fixed
(remember that using workarounds is far from fixing).
Making uploads/ world-writable is what most people do with PmWiki (and
other webapps that need to write files). Security of this depends
on your server's configuration.
Also authuser functionality now seems to be broken now. ie defined
passwords no longer work.
Would this have been expected?
No, it works here. Could you test whether AuthUser works with a fresh
install, without any recipes (you can simply unpack PmWiki into
a separate directory, make wiki.d/ world-writable, enable authuser in
config.php and copy your password from SiteAdmin.AuthUser)?
--
-- Rogutòs Sparnuotos
_______________________________________________
pmwiki-users mailing list
[email protected]
http://www.pmichaud.com/mailman/listinfo/pmwiki-users
_______________________________________________
pmwiki-users mailing list
[email protected]
http://www.pmichaud.com/mailman/listinfo/pmwiki-users
