[MediaWiki-l] Any security problems involved in letting administrators edit LocalSettings.php via a wiki page?
tstarling at wikimedia.org
Mon Jul 3 05:22:40 UTC 2017
On 02/07/17 08:22, Jean Valjean wrote:
> Well I did take my passwords out of webroot.
That doesn't help. It's trivial to get the MySQL password, you can
just do "echo $wgDBpassword", not that it is necessary to do anything
that an attacker might want to do.
-- Tim Starling
More information about the MediaWiki-l