Possible widespread PHP configuration issue - security risk
cliff at develix.com
Fri Aug 27 21:45:38 MSD 2010
On Fri, 2010-08-27 at 18:21 +0100, Ed W wrote:
> > Nevertheless, I've updated the MediaWiki entry. I'm sure there's still
> > 8000 other security holes in MediaWiki that allow remote execution of
> > code, but hopefully this isn't one of them.
> The nginx wiki has of a few moments ago stopped responding for me? I
> could get to it a before, now the browser just hangs saying "connecting
> to wiki.nginx.org"?
> downloading, this is blocking page loading for me?
> That aside, I *hope* we can do better than whatever you wrote (don't
> know what you wrote though...).
> Can you please see my more recent email where I have listed some general
> categories of application and perhaps we can hammer out some generic
> configurations that solve those situations?
I simply do not have time for the next several days. I'm literally
working day and night on an app that I need ready by Monday.
Plus, I am probably the worst person to work on PHP issues as I firmly
believe PHP to be utter crap starting from its conception right down to
the last byte of its actual implementation. It tries my patience in
ways a toddler wired on espresso couldn't.
More information about the nginx