https://bugzilla.wikimedia.org/show_bug.cgi?id=31101

Daniel Friesen <mediawiki-b...@nadir-seen-fire.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |mediawiki-bugs@nadir-seen-f
                   |                            |ire.com

--- Comment #3 from Daniel Friesen <mediawiki-b...@nadir-seen-fire.com> 
2011-09-22 20:55:00 UTC ---
Having the webserver write the file means that it's created as webserver
writable, and people often forget to fix that so it's not webserver writable.
The result is numerous MediaWiki installs with a webserver writable php file
that's now the easiest target to attack a wiki with if you find a vulnerability
in the webserver or are on a server with separate safe user accounts, but a
shared webserver user.

I know we've expressed desire to improve our system for configuring and
installing extensions, and checking for updates. But I don't believe we ever
planned to have MediaWiki go and download php files from some source on the
internet and drop it right into its own install. That kind of practice is
horribly insecure, that's the kind of thing that creates critical security
vulnerabilities.
By the way, last time I checked WordPress' updater seemed to like using FTP
rather than using webserver writable files.

As for config, trust me, if we add in the ability to configure MediaWiki from
the web side, we won't be doing that by writing to a php file that could be
used as an attack vector, or even kill the wiki if you accidentally manage to
insert some invalid php into it.
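An added audit script, not part of the bug report, that finds the problem this comment describes: PHP files in a MediaWiki install whose mode bits let the webserver account write them. The install directory and the webserver user/group names are assumed parameters (e.g. `/var/www/wiki`, `www-data`), not values from the report.

```shell
#!/bin/sh
# Audit a MediaWiki tree for PHP files the webserver could modify.
# Usage: find_php_writable_by_web /var/www/wiki www-data www-data
# (paths and account names are assumptions for illustration)

# find_php_writable_by_web DIR WEBUSER WEBGROUP
# Prints every *.php file under DIR that is writable by WEBUSER through any of:
#   - owner bit:  file owned by WEBUSER and user-writable  (the installer case)
#   - group bit:  file group-owned by WEBGROUP and group-writable
#   - other bit:  world-writable, whatever the owner
# Only mode bits are tested, so the result does not depend on who runs the audit.
find_php_writable_by_web() {
  dir="$1"
  webuser="$2"
  webgroup="$3"
  find "$dir" -type f -name '*.php' \
    \( \( -user "$webuser" -perm -0200 \) \
       -o \( -group "$webgroup" -perm -0020 \) \
       -o -perm -0002 \) 2>/dev/null | LC_ALL=C sort
}

# count_php_writable_by_web DIR WEBUSER WEBGROUP
# Same scan, but returns the number of hits (0 means nothing for the web
# account to write; a non-zero count is what a deploy check should fail on).
count_php_writable_by_web() {
  find_php_writable_by_web "$1" "$2" "$3" | grep -c .
}
```

Remediation is the opposite of what the installer leaves behind: the PHP tree should be owned by a deploy account that is not the webserver user, with no group or world write bits, and only the upload/cache directories writable by the webserver.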
