[pmwiki-users] index.php
H. Fox
haganfox at gmail.com
Thu Jul 21 16:56:25 CDT 2005
On 7/21/05, Neil Herber <nospam at eton.ca> wrote:
> At 2005-07-21 02:21 PM -0700, H. Fox is rumored to have said:
> >
> >Wondering: If they're are all equivalent, what security risk does it
> >introduce?
> >
> >There's definitely risk from the renaming approach. If you forget the
> >extra step of copying pmwiki.php to index.php when you upgrade you'll
> >have security risk from (1) not getting the new version's security
> >fixes, and (2) version mixing.
>
> I wondered what the risk was too, and I did find one.
[...]
Oh. I suppose the "one line" should be commented out by default then.
Something like
<?php
## index.php for a PmWiki installation
## Uncomment the line for a typical installation.
## WikiFarms require extra path information (see documentation).
#include('pmwiki.php');
Hagan
More information about the pmwiki-users
mailing list