Plugin SecurityInfo shows wrong result for Suhosin Extension
|Reported by:||RennerChristian||Owned by:|
I'm running Piwik 1.0 with FastCgi on a Debian Lenny system.
The SecurityInfo-Plugin says:
1) You are not running PHP with the Suhosin extension loaded. We recommend both the patch and extension for low- and high-level protections including transparent cookie encryption and remote inclusion vulnerabilities.
2) You are not running PHP with the Suhosin patch applied. We recommend both the patch and extension for low- and high-level protections against (for example) buffer overflows and format string vulnerabilities.
The php tells me:
PHP 5.2.6-1+lenny9 with Suhosin-Patch 0.9.6.2 (cgi-fcgi) (built: Aug 4 2010 05:59:13)
Copyright (c) 1997-2008 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2008 Zend Technologies
Same message when calling phpinfo in the piwik dir.