Page MenuHomePhabricator

Set `enable_dl` to 0 in php.ini
Closed, ResolvedPublic


dl has always been an attack vector and in general a bad idea and a performance killer.

Its use is also deprecated, so we should carefully check if we can disable dl on php-fpm.

We'll need to do this in careful stages (beta/mwdebug/canaries/everywhere).


Related Gerrit Patches:
operations/puppet : productionprofile::mediawiki::php: tweak ini settings

Event Timeline

Joe added a comment.Apr 15 2019, 2:23 PM

as I commented in the parent ticket, enable_dl should be off in production, and given HHVM didn't support it this should not create any issue.

Krinkle moved this task from Untriaged to Wikimedia production on the PHP 7.2 support board.
colewhite triaged this task as Medium priority.Apr 16 2019, 5:32 PM

Change 502986 had a related patch set uploaded (by Giuseppe Lavagetto; owner: Giuseppe Lavagetto):
[operations/puppet@production] profile::mediawiki::php: tweak ini settings

Change 502986 merged by Giuseppe Lavagetto:
[operations/puppet@production] profile::mediawiki::php: tweak ini settings

jijiki closed this task as Resolved.Apr 24 2019, 10:13 PM
jijiki claimed this task.

@Joe @Krinkle, since we have pushed enable_dl => 0 to production, I am resolving this. Feel free to reopen if you disagree :)