[MediaWiki-l] Special:Version leaks info on open_basedir

Jeffrey Walton noloader at gmail.com
Sun Dec 23 22:53:49 UTC 2018

Hi Everyone,

A while back we applied hardening per
. Our php.ini includes the following:

    ;; #15 Limit PHP Access To File System
    ;; Allows recursive descent

When (1) the cache is stale, and (2) we run Special:Version, then part
of our security configuration is provided:

Is there any way to close that hole?

I'm OK with allowing Git to run, but I don't know how to do it short
of opening up /usr/bin to the web server.

Thanks in advance.

More information about the MediaWiki-l mailing list