https://bugzilla.wikimedia.org/show_bug.cgi?id=34945
Viktor Adamek <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Version|1.16.5 |1.19 --- Comment #4 from Viktor Adamek <[email protected]> 2012-03-04 13:02:31 UTC --- (In reply to comment #1) > The install these days doesn't even try to save the file for you, The user > needs to download it locally and then move it over to the webserver into the > > MW folder (and chmod it appropriately). Of course every sysadmin should check permissions of config-files him/herself, nevertheless I would prefer MW to check/set the permissions if not appropriate. (In reply to comment #1) > The install these days doesn't even try to save the file for you, The user > needs to download it locally and then move it over to the webserver into the > > MW folder (and chmod it appropriately). In svnroot/mediawiki/tags/REL1_9_6/phase3/config/index.php umasking the file is still not performed, see below; (if that's the right file and I haven't overlooked something) (In reply to comment #3) > Must be caused by apache having an invalid umask. On fedora have a look at > /etc/sysconfig/httpd and set the umask to a sane default such as 'umask 002'. I think MW's installation routine should be fault-tolerant, to also handle umask-madness ;-) LocalSettingsGenerator.php in mediawiki-1.18.1 tarball [1] 142 /** 143 * Write the generated LocalSettings to a file 144 * 145 * @param $fileName String Full path to filename to write to 146 */ 147 public function writeFile( $fileName ) { 148 file_put_contents( $fileName, $this->getText() ); 149 } [1] file from mediawiki-1.18.1/includes/installer in index.php from svnroot/mediawiki/tags/REL1_9_6/phase3/config/index.php': there still is: 918 $f = fopen( "LocalSettings.php", 'xt' ); [...] 925 if(fwrite( $f, $localSettings ) ) { 926 fclose( $f ); 927 writeSuccessMessage(); which neither handles umask; (I've just watched the source, haven't it tried out in an installation). Did i grep the right file? I'm a bit confused with the svn-directory structure. > If you have a default fedora core configuration, you really want to report the > bug to them so they can fix their apache umask. Bug is already reported in Fedora-Bugzilla: 799659 https://bugzilla.redhat.com/show_bug.cgi?id=799659 > Lowering severity, it is not that bad and most probably caused by a local, non > MediaWiki, user configuration. Database user credentials are stored in plain-text, thus IMHO this is severe. I don't think the distributor's umask should permit read-access for all-users on the system, since in /var/www usually is meant to be public - except for configuration-files. In the above code-example MW doens't try to set the right (more restrictive) umask, which would be it's responsibility (again IMHO). -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
