[Pkg-mediawiki-devel] Bug#462609: mediawiki: README.Debian contains not full information for secured installation
Bob Rutsky
altsysrq at gmail.com
Sat Jan 26 04:02:40 UTC 2008
Package: mediawiki
Version: 1:1.11.0-3
Severity: minor
README.Debian says:
"Then just copy the generated config to the real system location"
(LocalSettings.php)
But generated configuration file has diabolic permissions 0666, and this
config contains
security information like wiki database password.
Mediawiki installation script says:
"You should change file permissions for LocalSettings.php as required to
prevent other users on the server
reading passwords and altering configuration data.",
I think this message should be putted in README.Debian too.
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing'), (497, 'unstable'), (495, 'stable'),
(493, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.22-3-amd64 (SMP w/1 CPU core)
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages mediawiki depends on:
ii apache2 2.2.6-3 Next generation, scalable,
extenda
ii apache2-mpm-prefork [httpd] 2.2.6-3 Traditional model for Apache
HTTPD
ii debconf [debconf-2.0] 1.5.18 Debian configuration management
sy
ii mime-support 3.39-1 MIME files 'mime.types'
& 'mailcap
ii php5 5.2.4-2 server-side, HTML-embedded
scripti
ii php5-mysql 5.2.4-2+b1 MySQL module for php5
Versions of packages mediawiki recommends:
ii mysql-server 5.0.45-5 MySQL database server (meta
packag
ii mysql-server-5.0 [mysql-serve 5.0.45-5 MySQL database server binaries
ii php5-cli 5.2.4-2+b1 command-line interpreter for the
p
-- debconf-show failed
More information about the Pkg-mediawiki-devel
mailing list