Author: sorin.sbarnea
Description:
generateSitemap.php does use wfWikiID() in order to generate in sitemaps filenames.
This contains the name of the database and this is a security issue because it does make thename of the database (the name of the database could give some information about the server configuration).
My oppinion is that this should be removed or if somebody consider that it may be requred it can be crypted like: crypt(wfWikiID()).
Version: 1.16.x
Severity: enhancement
sorin.sbarnea wrote:
Correction: crypt will not work because the output is not valid for filenames but md5() will do.
wfWikiId() is used *everywhere* and should be perfectly safe in and of itself; changing this usage of it to something else would be useless.
If there's any needs to hide the raw DB name this needs to be done by changing what wfWikiId() returns.
Added $wgWikiId in r59548 to override wfWikiId()'s output if you don't want it to be $wgDBname.
Marking this FIXED, as the original problem can be resolved now.
Reverted in r60960, commit message copied below:
wfWikiID() is used as a way to identify and connect to a given database in LoadBalancer and various extensions, that's why it must contain the database name and table prefix. Perhaps its use as a public identifier should be optional, but in that case the public identifier needs to be customised, not the return value of wfWikiID().