[Mediawiki-l] LocalSettings.php - Security for MW on SourceForge
gregwk
gregwk at vt.edu
Tue Dec 21 07:19:23 UTC 2004
Thanks for everyone's help on this. Looks like I'm better off putting the wiki
somewhere
other than SourceForge.
G. Kulczycki
>===== Original Message From Brion Vibber <brion at pobox.com> =====
>--Apple-Mail-9-750934581
>Content-Transfer-Encoding: 7bit
>Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
>
>On Dec 20, 2004, at 8:45 PM, gregwk wrote:
>[snip]
>> Is SourceForge somehow fundamentally different from the Mozilla and
>> DreamHost servers?
>
>That's correct.
>
>Mozilla runs their own server, so doesn't have to worry about malicious
>local users. (By the way, the page you were looking at is just a copy
>of the documentation on meta.wikimedia.org.)
>
>DreamHost runs PHP scripts through a CGI handler, so the effective user
>ID of the script process can be that of the particular virtual host's
>own account. Thus your own script can read files that other local users
>and their scripts cannot read.
>
>SourceForge runs PHP as an Apache module, with all users' scripts
>running under a single user ID which is different from the user and
>group IDs of the individual projects. It is impossible for your script
>to read a file unless all scripts are given permission to read the
>file.
>
>For more information please see:
>http://sourceforge.net/docman/display_doc.php?
>docid=4297&group_id=1#security
>
>http://sourceforge.net/docman/display_doc.php?
>docid=14267&group_id=1#websharedreason
>
>-- brion vibber (brion @ pobox.com)
>
>--Apple-Mail-9-750934581
>content-type: application/pgp-signature; x-mac-type=70674453;
> name=PGP.sig
>content-description: This is a digitally signed message part
>content-disposition: inline; filename=PGP.sig
>content-transfer-encoding: 7bit
>
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.2.6 (Darwin)
>
>iD8DBQFBx8kcwRnhpk1wk44RAvUHAJ9xk1050Dde5xmsDkWFxS7K3uFNXgCgrqbG
>TIFIDwSP8j2qg+jO6hf0FqA=
>=MD3m
>-----END PGP SIGNATURE-----
>
>--Apple-Mail-9-750934581--
>
>
>_______________________________________________
>MediaWiki-l mailing list
>MediaWiki-l at Wikimedia.org
>http://mail.wikipedia.org/mailman/listinfo/mediawiki-l
More information about the MediaWiki-l
mailing list