[Pkg-mediawiki-devel] Bug#747463: Bug#747463: index.php is not executable, breaking CGI
Thorsten Glaser
t.glaser at tarent.de
Fri May 9 07:34:47 UTC 2014
On Thu, 8 May 2014, Joe Rayhawk wrote:
> CGI-based execution of mediawiki is made possible with chmod a+x
> /usr/share/mediawiki/index.php. It would be nice if this were made
> default so our mediawiki installations wouldn't break with every
> upgrade.
No:
① the file has no shebang
② http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/
I have no trust in the PHP people to keep CGI secure.
Will close this as WONTFIX unless upstream says they intend
to allow running MediaWiki as CGI.
bye,
//mirabilos
--
tarent solutions GmbH
Rochusstraße 2-4, D-53123 Bonn • http://www.tarent.de/
Tel: +49 228 54881-393 • Fax: +49 228 54881-235
HRB 5168 (AG Bonn) • USt-ID (VAT): DE122264941
Geschäftsführer: Dr. Stefan Barth, Kai Ebenrett, Boris Esser, Alexander Steeg
More information about the Pkg-mediawiki-devel
mailing list