Package: wordpress
Version: 2.2.2-1
Severity: serious
Tags: patch

The use of the variable $file in /etc/wordpress/wp-config.php overrides
$file in many of the upstream package's base files (list below).

This can lead to unintended security holes, as the included file
(/etc/wordpress/config-<$server>.php) contains the backend MySQL access
information - *including* the plaintext password. At the very least, the
use of $file breaks WP's theme editor.

Similarly, the variable $server overrides some upstream files' variables
as well, though it's unclear that this presents any immediate concern.

The fix is simple, though perhaps inelegant. Prefix debian- to all
variable names as shown below to prevent namespace collision.

Best regards,
Joan

<?php
/** WordPress's Debianised default master config file
 *  Please do NOT edit and read about how the configuration works in the
 *  README.Debian **/

#http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=435289

# The prefixed names use an underscore: a hyphen is not legal in a PHP
# variable name, so "$debian-server" would parse as "$debian - server".
$debian_server = preg_replace('/:.*/', "", $_SERVER['HTTP_HOST']);
$debian_file = '/etc/wordpress/config-'.strtolower($debian_server).'.php';
if (!file_exists($debian_file)) {
        header("HTTP/1.0 404 Not Found");
        echo "404 Not found";
        # Stop here; otherwise require_once below fails on the missing file.
        exit;
}
require_once($debian_file);

define('ABSPATH', '/usr/share/wordpress/');
require_once(ABSPATH.'wp-settings.php');
?>

-- System Information:
Debian Release: 4.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17.13-vs2.0.2.1
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages wordpress depends on:
ii  apache2-mpm-prefork [httpd]   2.2.4-3     Traditional model for Apache HTTPD
ii  libapache2-mod-php5           5.2.3-1+b1  server-side, HTML-embedded scripti
ii  libphp-phpmailer              1.73-6      full featured email transfer class
ii  mysql-client-5.0 [virtual-mys 5.0.45-1    MySQL database client binaries
ii  php5-cgi                      5.2.3-1+b1  server-side, HTML-embedded scripti
ii  php5-mysql                    5.2.3-1+b1  MySQL module for php5

wordpress recommends no packages.

-- no debconf information
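The collision the report describes, reproduced with constructed files as an added example (this is not code from the bug report or from the Debian wordpress package). A caller shaped like the theme editor keeps the file it was asked to show in $file and then includes wp-config.php; with bare globals the config path replaces that value, so the caller would go on to display the site config and the MySQL password it contains. The second loader wraps the lookup in a function, so nothing leaks into the includer's scope. The function names debian_wp_load_config and file_the_caller_would_read, the fixed host name "localhost" (used in place of $_SERVER['HTTP_HOST']) and the temporary directory are assumptions of this example:

```php
<?php
// Added example, not code from the bug report or the Debian wordpress package.
// It reproduces the clobbering described above using constructed files in a
// temporary directory, then shows a loader that leaves the includer's scope alone.

$dir = sys_get_temp_dir() . '/wpcfg-example-' . getmypid();
mkdir($dir);

// Constructed stand-in for /etc/wordpress/config-<host>.php. The real file
// defines the MySQL credentials, which is why exposing it matters.
file_put_contents("$dir/config-localhost.php",
    "<?php define('DB_PASSWORD', 'constructed-example-secret');\n");

// Loader A: bare globals $server and $file, the pattern the report objects to.
// (Host name fixed to "localhost" here instead of being read from HTTP_HOST.)
file_put_contents("$dir/wp-config-bad.php", '<?php
$server = "localhost";
$file = __DIR__ . "/config-" . strtolower($server) . ".php";
require_once($file);
');

// Loader B: the lookup happens inside a function, so $server and $file are
// local to it and cannot collide with whatever file included wp-config.php.
// Only the constants the site config defines become visible to the caller.
file_put_contents("$dir/wp-config-good.php", '<?php
function debian_wp_load_config() {
    $server = "localhost";
    $file = __DIR__ . "/config-" . strtolower($server) . ".php";
    if (!file_exists($file)) {
        header("HTTP/1.0 404 Not Found");
        exit("404 Not found");
    }
    require_once($file);
}
debian_wp_load_config();
');

// A caller shaped like the theme editor: it holds the name of the file the
// user asked to view in $file, then pulls in wp-config.php before using it.
function file_the_caller_would_read(string $config): string {
    $file = 'style.css';   // what the user asked to edit
    require $config;       // wp-config.php runs in this very scope
    return $file;          // what the caller goes on to read and display
}

$afterBad  = file_the_caller_would_read("$dir/wp-config-bad.php");
$afterGood = file_the_caller_would_read("$dir/wp-config-good.php");

echo "loader A: caller's \$file is now ", $afterBad, "\n";
echo "loader B: caller's \$file is still ", $afterGood, "\n";
echo "DB_PASSWORD defined either way: ", defined('DB_PASSWORD') ? 'yes' : 'no', "\n";

// Clean up the constructed files.
foreach (glob("$dir/*.php") as $f) {
    unlink($f);
}
rmdir($dir);
```

Run it with the php command-line binary. Loader A reports the site-config path where the caller expected style.css, loader B reports style.css unchanged, and DB_PASSWORD is available in both cases, so the function-scoped loader gives up nothing the site config needs to provide. Prefixing the variable names, as the report proposes, narrows the same collision without restructuring the file; wrapping the lookup in a function removes it entirely.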