Page MenuHomePhabricator
Create Task
Maniphest T3003

set_time_limit() has been disabled for security reasons
Closed, DeclinedPublic
Actions

Description

Author: fnleisurehacker

Description:
Seems some code is still not fixed to work with tightly secured systems.

Installation result:

Warning: set_time_limit() has been disabled for security reasons in
/usr/export/www/vhosts/funnetwork/hosting/fnleisurehacker/mediawiki-1.4beta1/install-utils.inc
on line 27

  1. PHP 4.3.9: ok
  2. Warning: PHP's register_globals option is enabled. MediaWiki will work

correctly, but this setting increases your exposure to potential security
vulnerabilities in PHP-based software running on your server. You should disable
it if you are able.

  1. PHP server API is apache; ok, using pretty URLs (index.php/Page_Title)
  2. Have XML / Latin1-UTF-8 conversion support.
  3. PHP's memory_limit is 32M. If this is too low, installation may fail!
  4. Have zlib support; enabling output compression.
  5. Turck MMCache not installed, can't use object caching functions
  6. Found GD graphics library built-in, image thumbnailing will be enabled if you

enable uploads.

Installation directory:

/usr/export/www/vhosts/funnetwork/hosting/fnleisurehacker/mediawiki-1.4beta1

Script URI path: //mediawiki-1.4beta1

SecureSSI: Das Script
(/usr/export/www/vhosts/funnetwork/hosting/fnleisurehacker//mediawiki-1.4beta1/config/index.php)
hat versucht ausserhalb von ihrem Userverzeichniss auf die Datei /dev/urandom
zuzugreifen.
Dies ist nicht erlaubt!

Warning: $wgProxyKey is insecure

Warning: ini_set() has been disabled for security reasons in
/usr/export/www/vhosts/funnetwork/hosting/fnleisurehacker/mediawiki-1.4beta1/config/index.php(398)
: eval()'d code on line 7

  1. MySQL error 1045: Access denied for user: 'root@localhost' (Using password: NO)
  2. Trying regular user... ok.
  3. Connected to database... 4.0.22-log; enabling MySQL 4 enhancements

SecureSSI: Das Script
(/usr/export/www/vhosts/funnetwork/hosting/fnleisurehacker//mediawiki-1.4beta1/config/index.php)
hat versucht ausserhalb von ihrem Userverzeichniss auf die Datei /dev/urandom
zuzugreifen.
Dies ist nicht erlaubt!

  1. Warning: $wgProxyKey is insecure
  2. Database ** exists
  3. Creating tables... done.
  4. Initializing data...
  5. Created sysop account ***. #

Initialising "MediaWiki" namespace...
Clearing message cache...Done.

Creating LocalSettings.php...

Success! Move the config/LocalSettings.php file into the parent directory, then
follow this link to your wiki.

Version: 1.4.x
Severity: normal
OS: FreeBSD
Platform: PC

Details

Reference
bz1003

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 21 2014, 8:00 PM
bzimport added a project: MediaWiki-Installer.
bzimport set Reference to bz1003.
bzimport added a subscriber: Unknown Object (MLST).
bzimport created this task.Dec 4 2004, 7:57 PM
hashar added a comment.Dec 4 2004, 8:00 PM

Looks like the installation completed successfuly. The time limit
raise is only needed when the installation need to upgrade the
database.

Just:
mv ./config/LocalSettings.php .

And it should be fine ;o)

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL