[php-maint] Bug#687418: Updating php5 to 5.4.4-5 broke FastCGI setup on my machine
matthias at urlichs.de
Mon Sep 17 22:00:17 UTC 2012
Christoph Anton Mitterer:
> 1) So you have both, php5-cgi AND libapache2-mod-fcgid installed, right?
fastcgi, but yes.
> 2) Then what happens is, the Handler from php5_cgi.conf overrides the
> way (whatever you did) to get .php files interpreted, right?
> 3) Obviously, .php files are then neither interpreted by "normal" CGI,
> as Action directives are missing (and perhaps ScriptAlias and other
> things), right?
> Big problem though is, are the files then served as normal files by
Yes. The file gets served as-is, with a mimetype of
If there's a database password / server secret in there,
$WORLD now knows it.
In an ideal world, your server cannot serve the include file
which has the actual secret sauce that's used by index.php.
Most people choose not to live in an ideal world. ;-)
-- Matthias Urlichs
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 836 bytes
Desc: Digital signature
More information about the pkg-php-maint