[pmwiki-users] wiki farm terminology
Patrick R. Michaud
pmichaud at pobox.com
Mon Mar 20 08:17:15 CST 2006
On Mon, Mar 20, 2006 at 08:57:22AM -0500, Neil Herber wrote:
> At 2006-03-20 01:06 PM +0000, Hans is rumored to have said:
> >So you just need to set the admin password last, after invoking the
> >local/config.php scripts.
>
> If you do this, then you have forced all the wikis in the farm to
> have the same admin password. So if I know one, I can get into any of
> the supposedly isolated wikis.
They aren't forced to all use identical admin passwords -- passwords
can be arrays.
# farmconfig.php
# load wiki-specific customizations
include_once('local/config.php');
# Make sure $DefaultPasswords['admin'] is an array
$DefaultPasswords['admin'] = (array)$DefaultPasswords['admin'];
# set a farm-wide (non-overridable) admin password
$DefaultPaswords['admin'][] = crypt('farmpassword');
So yes, someone knowing the farmadmin password could get into any
of the wikis, but someone knowing an admin password set in a wiki's
config.php wouldn't be able to use that for other wikis in the farm.
Pm
More information about the pmwiki-users
mailing list