On 16/03/07, Platonides <Platonides(a)gmail.com> wrote:
Dan Jacobson wrote:
D> $wgDBserver="mysql.$wgServerName";
P> I suppose you know what will be happening if someone finds a way to
P> overwrite your $wgServerName variable...
How could that happen? $wgServerName is born in the safe confines of
DefaultSettings.php.
I don't know, I wrote without even checking where it was set. It's a
matter of making secure code. There are hundreds of exploits taking
advantage of things the owner thought "couldn't be done".
Appending the result to a server on the default case is very bad.
There's no need to do it in this way, so why do it? Tomorrow PHP could
find a problem in the way $_REQUEST variables are used, compromising
your system.
[snip]
There are arguably genuine concerns in this, but ultimately, if your
$wgServerName variable is not being set safely or at all, then you'd
likely be overriding it or fixing Apache so it was properly detected.
Rob Church
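As an added illustration of the point Platonides raises (this is not code from the thread, and not MediaWiki's own code), the following PHP contrasts the configuration pattern quoted above with a version that keeps the database host independent of any request-derived value. The helper names `riskyDbServer()` and `dbServerFor()`, the hostnames and the deployment table are all constructed for the example; that `$wgServerName` might be derived from request data in some deployment is an assumption, not something the thread establishes.

```php
<?php
// Added example (not from the thread or from MediaWiki): the risky pattern
// beside a hardened one. All hostnames below are constructed placeholders.

// Risky: the DB host is a string built from $wgServerName. If that value is
// ever derived from request data instead of being fixed in configuration,
// whoever controls the request controls which host the wiki connects to.
function riskyDbServer(string $wgServerName): string {
    return "mysql.$wgServerName";
}

// Hardened: resolve the DB host only through a fixed allowlist keyed by the
// site names the operator actually runs. Anything else is rejected, so an
// unset or unexpected server name can never steer connections elsewhere.
function dbServerFor(string $wgServerName, array $allowedHosts): string {
    if (!array_key_exists($wgServerName, $allowedHosts)) {
        throw new RuntimeException("Unexpected server name: " . $wgServerName);
    }
    return $allowedHosts[$wgServerName];
}

// Constructed deployment table: each site name maps to an explicit DB host.
$allowedHosts = [
    'wiki.example.org' => 'mysql.wiki.example.org',
    'test.example.org' => 'mysql.test.example.org',
];

// Constructed inputs: one legitimate site name, one that no config names.
foreach (['wiki.example.org', 'unexpected.example.net'] as $name) {
    echo "risky:    " . riskyDbServer($name) . "\n";   // accepts anything
    try {
        echo "hardened: " . dbServerFor($name, $allowedHosts) . "\n";
    } catch (RuntimeException $e) {
        echo "hardened: rejected (" . $e->getMessage() . ")\n";
    }
}

// In LocalSettings.php the simplest form of the same idea is a literal:
// $wgDBserver = 'mysql.wiki.example.org';
```

The allowlist only matters for installs that genuinely serve several site names from one LocalSettings.php; a single-site wiki gets the same protection from the hard-coded literal in the final comment, which is also what Rob's reply amounts to.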