Author: debian
Description:
Forwarded from Debian (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550940):
After running the web-based initial configuration of mediawiki
(/var/lib/mediawiki/config/index.php), it created a LocalSettings.php
and instructed me to place it in /etc/mediawiki:
~$ ls -l /etc/mediawiki/LocalSettings.php
-rw-rw-rw- 1 www-data www-data 4536 14 okt 10.54 /etc/mediawiki/LocalSettings.php
This file contains MySQL passwords and should therefore not be world-readable.
I notice that README.Debian suggests changing this, but the file
should not be created world-readable in the first place.
Version: 1.16.x
Severity: normal
OS: Linux
Platform: PC