Opened 4 years ago

Closed 4 years ago

Last modified 4 years ago

#1310 closed Bug (fixed)

Security Plugin fails to recognise suhosin patch

Reported by: halfdan Owned by:
Priority: normal Milestone: Piwik 0.6
Component: Core Keywords: suhosin
Cc: Sensitive: no

Description

I just patched my PHP 5.3.2 with the suhosin patch and recognised that Piwiks security plugin fails to recognise the patch.

The error was to check for suhosin variables identified in php.ini. My php was running without any changes to the default suhosin settings, therefore no suhosin.* variable was defined.

It is easy to resolv this problem - the suhosin patch defines a constant "SUHOSIN_PATCH" which is easy to get via get_defined_constants().

Attachments (1)

plugin.security.patch (730 bytes) - added by halfdan 4 years ago.
Fixed version of patch.php in /SecurityInfo/PhpSecInfo/Test/Suhosin/

Download all attachments as: .zip

Change History (3)

Changed 4 years ago by halfdan

Fixed version of patch.php in /SecurityInfo/PhpSecInfo/Test/Suhosin/

comment:1 Changed 4 years ago by vipsoft (robocoder)

  • Resolution set to fixed
  • Status changed from new to closed

In [2112], fixes #1310 - fix PhpSecInfo test for Suhosin patch; thanks halfdan

comment:2 Changed 4 years ago by vipsoft (robocoder)

(In [3237]) fixes #1753, refs #1310 - get_defined_constants(false) is broken prior to php 5.2.11

Note: See TracTickets for help on using tickets.