You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm running Piwik 1.0 with FastCgi on a Debian Lenny system.
The SecurityInfo-Plugin says:
You are not running PHP with the Suhosin extension loaded. We recommend both the patch and extension for low- and high-level protections including transparent cookie encryption and remote inclusion vulnerabilities.
You are not running PHP with the Suhosin patch applied. We recommend both the patch and extension for low- and high-level protections against (for example) buffer overflows and format string vulnerabilities.
The php tells me:
/usr/bin/php5-cgi --version
PHP 5.2.6-1+lenny9 with Suhosin-Patch 0.9.6.2 (cgi-fcgi) (built: Aug 4 2010 05:59:13)
Copyright (c) 1997-2008 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2008 Zend Technologies
Same message when calling phpinfo in the piwik dir.
Keywords: feedback
The text was updated successfully, but these errors were encountered:
Perhaps the web server is using a different php binary?
Try again with this script:
<?php
print_r(get_loaded_extensions()); // this should contain "suhosin" if you have the Suhosin extension
print_r(get_defined_constants()); // this should contain SUHOSIN_PATCH if the Suhosin patch was applied
According to this the opened bug can be closed by 50%. It seems that the extension is not loaded and therefore the notice about the extension is correct.
But the notice about the patch shouldnt be given.
I'm running Piwik 1.0 with FastCgi on a Debian Lenny system.
The SecurityInfo-Plugin says:
You are not running PHP with the Suhosin extension loaded. We recommend both the patch and extension for low- and high-level protections including transparent cookie encryption and remote inclusion vulnerabilities.
You are not running PHP with the Suhosin patch applied. We recommend both the patch and extension for low- and high-level protections against (for example) buffer overflows and format string vulnerabilities.
The php tells me:
/usr/bin/php5-cgi --version
PHP 5.2.6-1+lenny9 with Suhosin-Patch 0.9.6.2 (cgi-fcgi) (built: Aug 4 2010 05:59:13)
Copyright (c) 1997-2008 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2008 Zend Technologies
Same message when calling phpinfo in the piwik dir.
Keywords: feedback
The text was updated successfully, but these errors were encountered: