Page MenuHomePhabricator
People Ckujau

Ckujau (Christian Kujau)
User

Projects

User does not belong to any projects.

Calendar

Today

  • No visible events.

Tomorrow

  • No visible events.

Friday

  • No visible events.

User Details

User Since
Oct 22 2014, 6:24 PM (589 w, 6 d)
Availability
Available
LDAP User
Unknown
MediaWiki User
Ckujau [ Global Accounts ]

Recent Activity
View All

May 24 2025

Ckujau updated subscribers of T303888: Mailman3: Stop advertising list subscription/management methods via email in email headers.

This is still happening, and I reported the same to mediawiki-l-owner and @Platonides was kind to respond to better open a phabricator issue for this. But it's already open ;-)

May 24 2025, 12:40 AM · SRE, Wikimedia-Mailing-lists

Jun 6 2021

Ckujau created T284397: Unhandled Exception ("RuntimeException"): Undefined offset: 5 when trying to access T16235.
Jun 6 2021, 1:12 PM · Phabricator (Upstream), Upstream

Jan 30 2020

Ckujau added a comment to T228544: Nessus Scan Revealed High Finding.

OK, understood. Thanks for clearing that up! 👍

Jan 30 2020, 8:29 PM · Security, Performance-Team (Radar), MediaWiki-ResourceLoader, MediaWiki-Action-API, Vuln-Inject, Security-Team
Ckujau added a comment to T228544: Nessus Scan Revealed High Finding.

While I understand that there's no SQL query executed here, is it really harmless to have Mediawiki echo everything back that is passed in the URL? In a Mediawiki 1.34.0 installation I get:

Jan 30 2020, 12:32 PM · Security, Performance-Team (Radar), MediaWiki-ResourceLoader, MediaWiki-Action-API, Vuln-Inject, Security-Team

Aug 10 2016

Ckujau added a comment to T78159: Fix superfluous Warning: is_executable(): open_basedir restriction in effect in /includes/GlobalFunctions.php on line 2809.

IMHO adding /bin/bash to open_basedir should not be recommended. This directive is often used to explicitly limit file system access for PHP. Allowing PHP to call a system shell doesn't sound like a good idea to me. (MW 1.26 here, the warning is logged 3 times for each picture upload, but no UI errors - only includes/limit.sh is never called, of course.)

Aug 10 2016, 6:24 AM · MediaWiki-General

Jun 9 2016

Ckujau added a watcher for MediaWiki-extensions-Lockdown: Ckujau.
Jun 9 2016, 3:31 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits