Page MenuHomePhabricator

Add shell restriction to deny access to LocalSettings.php
Closed, ResolvedPublic

Description

Suggested by Tim in the code review for https://gerrit.wikimedia.org/r/#/c/384930/

Most secret information like database passwords are kept in LocalSettings.php, so blacklisting that file by default would take away a lot of information an attacker would want.

Event Timeline

Legoktm created this task.Dec 9 2017, 6:00 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptDec 9 2017, 6:00 AM

Change 396080 had a related patch set uploaded (by Legoktm; owner: Legoktm):
[mediawiki/core@master] shell: Add NO_LOCALSETTINGS restriction

https://gerrit.wikimedia.org/r/396080

Change 396080 merged by jenkins-bot:
[mediawiki/core@master] shell: Add NO_LOCALSETTINGS restriction

https://gerrit.wikimedia.org/r/396080

Legoktm closed this task as Resolved.Dec 25 2017, 2:20 AM