
Remove AdminSettings.php from MediaWiki core
Closed, ResolvedPublic

Description

Paraphrasing Tim:

  • Having two separate files creates an illusion of privilege separation
  • In theory, AdminSettings.php could be protected using UNIX permissions, but it's never done
  • It provides no real security to separate the admin user from the command-line user
  • The web user has DELETE capabilities over MediaWiki tables already, so an attacker can do significant damage already

I propose removing the file from future installations, putting the data in LocalSettings.php, and modifying maintenance scripts to use LocalSettings.php (if necessary).


Version: unspecified
Severity: enhancement
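A defender-side check for the point that AdminSettings.php "could be protected using UNIX permissions, but it's never done": this is an added example, not code from this task or from MediaWiki, that reports whether the web server account can actually read the admin config file; the path and the account name (www-data) are assumed placeholders.

```python
import os
import stat
import pwd
import grp


def can_read(mode, owner_uid, owner_gid, uid, gids):
    """POSIX read check for a plain file: root reads anything; otherwise the
    owner class applies if the uid matches, else the group class if the file's
    group is among the user's groups, else the 'other' class."""
    if uid == 0:
        return True
    if uid == owner_uid:
        return bool(mode & stat.S_IRUSR)
    if owner_gid in gids:
        return bool(mode & stat.S_IRGRP)
    return bool(mode & stat.S_IROTH)


def user_groups(username):
    """Resolve an account to (uid, set of gids) including supplementary groups."""
    pw = pwd.getpwnam(username)
    gids = {pw.pw_gid}
    gids.update(g.gr_gid for g in grp.getgrall() if username in g.gr_mem)
    return pw.pw_uid, gids


def separation_enforced(config_path, web_user):
    """True only if the web server user cannot read the admin config file,
    i.e. the two-file split is backed by real permissions rather than convention."""
    st = os.stat(config_path)
    uid, gids = user_groups(web_user)
    return not can_read(stat.S_IMODE(st.st_mode), st.st_uid, st.st_gid, uid, gids)


if __name__ == "__main__":
    import sys
    # Assumed invocation: audit.py /path/to/AdminSettings.php www-data
    path, user = sys.argv[1:3]
    if separation_enforced(path, user):
        print("enforced: web user cannot read", path)
    else:
        print("not enforced: web user can read", path)
```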

Details

Reference
bz18768

Event Timeline

bzimport raised the priority of this task from to Medium. Nov 21 2014, 10:37 PM
bzimport set Reference to bz18768.
bzimport added a subscriber: Unknown Object (MLST).

I believe Tim resolved this in rev 51650. Resolving as FIXED.

No, only the requirement for update.php. commandLine.inc still expects AdminSettings to be there. Will be fixed with merge of maintenance-work branch.

I am looking at RELEASE-NOTES and it says

  • (bug 18768) Remove AdminSettings.php from MediaWiki core

but svn update says
D AdminSettings.sample
Shouldn't that be

  • (bug 18768) Remove AdminSettings.sample from MediaWiki core?

(In reply to comment #4)

> I am looking at RELEASE-NOTES and it says
>
>   • (bug 18768) Remove AdminSettings.php from MediaWiki core
>
> but svn update says
> D AdminSettings.sample
> Shouldn't that be
>
>   • (bug 18768) Remove AdminSettings.sample from MediaWiki core?

I guess the idea is that the *requirement* for AdminSettings.php was removed.

Exactly. The idea behind the bug is to remove the concept of "AdminSettings" entirely from the core, as it isn't really needed. Granted, this is only fixed in the maintenance-work branch but not core (Brion reverted the merge in r52340).