[php-maint] Bug#564622: php.ini-paranoid: "Error parsing /etc/php5/apache2/php.ini on line 95" results in "not paranoid".
Andreas Krüger
andreas.krueger at famsik.de
Sun Jan 10 18:29:50 UTC 2010
Package: php5-common
Version: 5.2.6.dfsg.1-1+lenny4
Severity: normal
Tags: patch
Hello,
I copied the file provided as
/usr/share/doc/php5-common/examples/php.ini-paranoid
to
/etc/php5/apache2/php.ini
and used that.
The error.log said
PHP: Error parsing /etc/php5/apache2/php.ini on line 95
on apache startup.
Unfortunately, the apache PHP interpreter did operate on .php files in
spite of the parsing error.
Even worse, the security features the file is supposed to provide were
NOT active!
So this is somewhat of a security issue.
(Of course, one can hope an admin who is cautious enough to read the
standard php.ini
and is cautious to replace it with the paranoid one
is also cautious enough to have a look at error.log, and act on the
warning.)
The obvious repair is to add a ";" in front of line 95. I include a
patch that does that.
Regards, and thank you for providing fine software,
Andreas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: usr_share_doc_php5-common_examples_php.ini-paranoid.patch
Type: text/x-patch
Size: 484 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-php-maint/attachments/20100110/8c943996/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 260 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-php-maint/attachments/20100110/8c943996/attachment.pgp>
More information about the pkg-php-maint
mailing list