On 16/03/07, Platonides Platonides@gmail.com wrote:
Dan Jacobson wrote:
D> $wgDBserver="mysql.$wgServerName";
P> I suppose you know what will be happening if someone finds a way to
P> overwrite your $wgServerName variable...
How could that happen? $wgServerName is born in the safe confines of DefaultSettings.php.
I don't know, I wrote without even checking where it was set. It's a matter of making secure code. There are hundreds of exploits taking advantage of things the owner thought "couldn't be done". Appending the result to a server on the default case is very bad. There's no need to do it in this way, so why do it? Tomorrow PHP could find a problem in the way $_REQUEST variables are used, compromising your system.
[snip]
There are arguably genuine concerns in this, but ultimately, if your $wgServerName variable is not being set safely or at all, then you'd likely be overriding it or fixing Apache so it was properly detected.
Rob Church
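The configuration point under discussion, as an added LocalSettings.php example that is not part of the thread and not MediaWiki's own code: the weak setting from Dan's message beside two pinned alternatives. It assumes $wgServerName may be populated from request-influenced data such as $_SERVER['HTTP_HOST'] or $_SERVER['SERVER_NAME'] before LocalSettings.php runs; the hostnames are placeholders.

```php
<?php
// Added example (not from the thread). Assumes $wgServerName can be filled in
// from request-influenced data before LocalSettings.php is evaluated.

// Weak: the database host is derived from a value the web server (and, with
// some Apache/PHP setups, a client-supplied Host header) can influence.
// $wgDBserver = "mysql.$wgServerName";

// Hardened, single wiki: pin the host to a literal. Nothing request-derived
// feeds it.
// $wgDBserver = 'mysql.example.org';   // placeholder hostname

// Hardened, several wikis on one code base: allowlist the exact server names
// you expect and fail closed on anything else, so an unexpected $wgServerName
// can never be turned into an unexpected database host.
$knownSites = array(
    'wiki.example.org' => 'mysql.example.org',   // placeholders
    'docs.example.org' => 'mysql2.example.org',
);

if ( !isset( $knownSites[$wgServerName] ) ) {
    // Refuse to start rather than connect to a host derived from unknown input.
    header( 'HTTP/1.1 500 Internal Server Error' );
    exit( 'Unrecognised server name; refusing to derive database settings.' );
}

$wgDBserver = $knownSites[$wgServerName];
```

With the allowlist, the only values that can ever reach $wgDBserver are the literals in $knownSites; a bogus or spoofed server name stops the wiki instead of pointing it at a different database.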