User "Aaron Schulz" changed the status of MediaWiki.r91703. Old Status: new New Status: ok
Full URL: http://www.mediawiki.org/wiki/Special:Code/MediaWiki/91703#c0 Commit summary: * Sync script updates for improved privilege separation. A new user (mwdeploy) is created, which owns all the files in common-local. The texvc install is run as this user. Previously there was a potential for privilege escalation when root users executed scripts which were writable by wikidev. Now the scripts are only run as the unprivileged user, mwdeploy. * Merged sync-common-all and scap. The distinction was pretty stupid to start with, and only got more stupid as time went by, as functionality was copied from scap to sync-common-all. * Installed texvc to a directory writable by mwdeploy, instead of to /usr/local/bin. We would have needed to change the directory for HetDeploy anyway. _______________________________________________ MediaWiki-CodeReview mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/mediawiki-codereview
