Just be careful about the 'MediaWiki:' restricted namespace pages. Those
can have things like JavaScript which MediaWiki often deliberately does not
escape.
On 2 November 2014 23:20, Bartosz Dziewoński <matma.rex(a)gmail.com> wrote:
On Sun, 02 Nov 2014 23:53:28 +0100, Boris Steipe
<boris.steipe(a)utoronto.ca>
wrote:
If I understand the Drupal advisory correctly, backdoors could have been
installed in the database. I don't know
nearly enough about this, but I
suspect this could mean that a backdoor could reappear on the new machine
if I were to dump my current Wiki tables from the old machine and reinstall
them on the new machine. Is this correct? And if so, what would the best
strategy be for recovery? I hope this can be done more efficiently than
copy/pasting Wikitext.
If you want to be extra paranoid, and you only care about the contents of
pages (and possibly their earlier versions) and none of all the boring
extra data, then you can export and import the contents of wiki pages. This
should always be safe, as MediaWiki assumes that all page text is hostile
user input and always parses and escapes everything that needs it.
https://www.mediawiki.org/wiki/Manual:Importing_XML_dumps
--
Bartosz Dziewoński
_______________________________________________
MediaWiki-l mailing list
To unsubscribe, go to:
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l