Add a whitelist of commands that a person can run #1
Comments
ghost
assigned
Hydriz
added a commit
that referenced
this issue
Nov 11, 2012
This commit attempts to do a check on whether the command is safe to excute before really running the command. Not a fix, but an initial checkin for development testing purposes.
Hydriz
added a commit
that referenced
this issue
Nov 12, 2012
This reverts commit 6a19864. Conflicts: SpecialHostStats.php
Hydriz
added a commit
that referenced
this issue
Nov 12, 2012
…can run"" This reverts commit 0e8bf31.
Hydriz
added a commit
that referenced
this issue
Nov 12, 2012
This commit attempts to do a check on whether the command is safe to excute before really running the command. Not a fix, but an initial checkin for development testing purposes.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Leaving the $wgHostStatsCommands open to all kinds of commands to run is too risky, we should have a whitelist to prevent accidental leakage of information regarding a server.
The text was updated successfully, but these errors were encountered: