Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SecurityInfo Problems #3103

Closed
anonymous-matomo-user opened this issue Apr 12, 2012 · 6 comments
Closed

SecurityInfo Problems #3103

anonymous-matomo-user opened this issue Apr 12, 2012 · 6 comments
Labels
Task Indicates an issue is neither a feature nor a bug and it's purely a "technical" change.
Milestone
1.12.x

Comments

@anonymous-matomo-user
Copy link

Hi!

I am trying to make my piwik installation as secure as possible using the Security plugin. I did research in the FAQ and other places and didn't find a solution! In my (windows) localhost I have no problems, but in my real server, I got several (8 in total)! One of them is:

Notice: Undefined offset:1 in /hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Test.php on line 538

Backtrace -->
#0 Piwik_ErrorHandler(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Test.php:538]#1 PhpSecInfo_Test->getUnixId(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Core/uid.php:57]#2 PhpSecInfo_Test_Core_Uid->_retrieveCurrentValue(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Test.php:118]#3 PhpSecInfo_Test->PhpSecInfo_Test(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/PhpSecInfo.php:276]#4 PhpSecInfo->runTests(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/PhpSecInfo.php:476]#5 PhpSecInfo->loadAndRun(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/Controller.php:28]#6 Piwik_SecurityInfo_Controller->index(...) called at [:]#7 call_user_func_array(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/core/FrontController.php:138]#8 Piwik_FrontController->dispatch(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/index.php:53]

The other 7 are variations of the above, with 1 substitued by 2, and 118 by 278. Any help would be very much appreciated!

Eduardo
@robocoder
Copy link
Contributor

What's the output of this script on your real host?

<?php  var_dump(exec('id'));

@anonymous-matomo-user
Copy link
Author

Replying to vipsoft:

What's the output of this script on your real host?

<?php  var_dump(exec('id'));

Hello vipsoft!!!

The output of the script in my real server is:

string(75) "uid=2705636(ipg.var4castcom) gid=15010(cgiuser) groups=15020,15010(cgiuser)"

@robocoder
Copy link
Contributor

(In [6205]) refs #3103 - handle gid without group name; please test patch and provide feedback

@anonymous-matomo-user
Copy link
Author

Replying to vipsoft:

(In [6205]) refs #3103 - handle gid without group name; please test patch and provide feedback

Hi vipsoft!

Hier are the outputs:

Notice: Array to string conversion in /hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Test.php on line 537

Backtrace -->
#0 Piwik_ErrorHandler(...) called at [:]#1 explode(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Test.php:537]#2 PhpSecInfo_Test->getUnixId(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Core/uid.php:57]#3 PhpSecInfo_Test_Core_Uid->_retrieveCurrentValue(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Test.php:119]#4 PhpSecInfo_Test->PhpSecInfo_Test(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/PhpSecInfo.php:276]#5 PhpSecInfo->runTests(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/PhpSecInfo.php:476]#6 PhpSecInfo->loadAndRun(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/Controller.php:28]#7 Piwik_SecurityInfo_Controller->index(...) called at [:]#8 call_user_func_array(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/core/FrontController.php:138]#9 Piwik_FrontController->dispatch(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/index.php:53]

Notice: Array to string conversion in /hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Test.php on line 537

Backtrace -->
#0 Piwik_ErrorHandler(...) called at [:]#1 explode(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Test.php:537]#2 PhpSecInfo_Test->getUnixId(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Core/uid.php:48]#3 PhpSecInfo_Test_Core_Uid->isTestable(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/PhpSecInfo.php:278]#4 PhpSecInfo->runTests(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/PhpSecInfo.php:476]#5 PhpSecInfo->loadAndRun(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/Controller.php:28]#6 Piwik_SecurityInfo_Controller->index(...) called at [:]#7 call_user_func_array(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/core/FrontController.php:138]#8 Piwik_FrontController->dispatch(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/index.php:53]

Notice: Array to string conversion in /hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Test.php on line 537

Backtrace -->
#0 Piwik_ErrorHandler(...) called at [:]#1 explode(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Test.php:537]#2 PhpSecInfo_Test->getUnixId(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Core/gid.php:57]#3 PhpSecInfo_Test_Core_Gid->_retrieveCurrentValue(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Test.php:119]#4 PhpSecInfo_Test->PhpSecInfo_Test(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/PhpSecInfo.php:276]#5 PhpSecInfo->runTests(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/PhpSecInfo.php:476]#6 PhpSecInfo->loadAndRun(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/Controller.php:28]#7 Piwik_SecurityInfo_Controller->index(...) called at [:]#8 call_user_func_array(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/core/FrontController.php:138]#9 Piwik_FrontController->dispatch(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/index.php:53]

Notice: Array to string conversion in /hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Test.php on line 537

Backtrace -->
#0 Piwik_ErrorHandler(...) called at [:]#1 explode(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Test.php:537]#2 PhpSecInfo_Test->getUnixId(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Core/gid.php:49]#3 PhpSecInfo_Test_Core_Gid->isTestable(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/PhpSecInfo.php:278]#4 PhpSecInfo->runTests(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/PhpSecInfo.php:476]#5 PhpSecInfo->loadAndRun(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/Controller.php:28]#6 Piwik_SecurityInfo_Controller->index(...) called at [:]#7 call_user_func_array(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/core/FrontController.php:138]#8 Piwik_FrontController->dispatch(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/index.php:53]

And the output of

var_dump(exec('id'));

is

string(75) "uid=2705636(ipg.var4castcom) gid=15010(cgiuser) groups=15020,15010(cgiuser)"

Thanks so much for your concern and time!!!

Eduardo

@robocoder
Copy link
Contributor

It doesn't look like the patch applied cleanly because your line numbers don't jive with our copy. Please replace Test.php with this file from svn.

https://github.com/piwik/piwik/blob/master/6205/trunk/plugins/SecurityInfo/PhpSecInfo/Test/Test.php

@anonymous-matomo-user
Copy link
Author

Hi vipsoft!!!

Thanks so much!!!

All those messages are gone forever!!!

Have nice one!!!

Eduardo

@anonymous-matomo-user anonymous-matomo-user added this to the 1.12.x - Piwik 1.12.x milestone Jul 8, 2014
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Task Indicates an issue is neither a feature nor a bug and it's purely a "technical" change.
Projects
None yet
Milestone
1.12.x
Development

No branches or pull requests
2 participants
@robocoder @anonymous-matomo-user