https://bugzilla.wikimedia.org/show_bug.cgi?id=53791
Bryan Davis <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|PATCH_TO_REVIEW |NEW --- Comment #5 from Bryan Davis <[email protected]> --- For production hosts we should never see this issue if mwscript is being used to execute all maintenance scripts. If we do have file ownership problems on a production host that can be traced to UIDGenerator cache file permissions that should be treated as toolchain problem to be resolved by ensuring that the proper wrapper scripts are being used. The problem S ran into looks to be on a local/vagrant/labs dev server. I think the best answer for this is to advocate good script execution hygiene. I don't know if there is a good way to enforce this programmatically, but wiki maintenance scripts should always be run as the web server user (usually www-data on Ubuntu using Apache). If you run a maintenance script as a more privileged user you run the risk of executing malicious code that could do any number of nasty things as "you". -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
