src/applications/config/check/PhabricatorMySQLSetupCheck.php
if ($delta > 60) { | ||||
'current time by more than 60 seconds (absolute skew is %s '. | 'current time by more than 60 seconds (absolute skew is %s '. | ||||
'seconds). Check that the current time is set correctly '. | 'seconds). Check that the current time is set correctly '. | ||||
'everywhere.', | 'everywhere.', | ||||
$host_name, | $host_name, | ||||
php_uname('n'), | php_uname('n'), | ||||
new PhutilNumber($delta))); | new PhutilNumber($delta))); | ||||
} | } | ||||
$local_infile = $ref->loadRawMySQLConfigValue('local_infile'); | |||||
if ($local_infile) { | |||||
$summary = pht( | |||||
'The MySQL "local_infile" option is enabled. This option is '. | |||||
'unsafe.'); | |||||
$message = pht( | |||||
'Your MySQL server is configured with the "local_infile" option '. | |||||
'enabled. This option allows an attacker who finds an SQL injection '. | |||||
'hole to escalate their attack by copying files from the webserver '. | |||||
'into the database with "LOAD DATA LOCAL INFILE" queries, then '. | |||||
'reading the file content with "SELECT" queries.'. | |||||
"\n\n". | |||||
'You should disable this option in your %s file, in the %s section:'. | |||||
"\n\n". | |||||
'%s', | |||||
phutil_tag('tt', array(), 'my.cnf'), | |||||
phutil_tag('tt', array(), '[mysqld]'), | |||||
phutil_tag('pre', array(), 'local_infile=0')); | |||||
$this->newIssue('mysql.local_infile') | |||||
->setName(pht('Unsafe MySQL "local_infile" Setting Enabled')) | |||||
->setSummary($summary) | |||||
->setMessage($message) | |||||
->setDatabaseRef($ref) | |||||
->addMySQLConfig('local_infile'); | |||||
} | |||||
} | } | ||||
protected function shouldUseMySQLSearchEngine() { | protected function shouldUseMySQLSearchEngine() { | ||||
$services = PhabricatorSearchService::getAllServices(); | $services = PhabricatorSearchService::getAllServices(); | ||||
foreach ($services as $service) { | foreach ($services as $service) { | ||||
if ($service instanceof PhabricatorMySQLSearchHost) { | if ($service instanceof PhabricatorMySQLSearchHost) { | ||||
return true; | return true; | ||||
} | } | ||||
} | } | ||||
return false; | return false; | ||||
} | } | ||||
} | } |
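Review bot: The guard `if ($local_infile)` depends on PHP truthiness of whatever `loadRawMySQLConfigValue('local_infile')` returns, and that helper is not visible here; if it ever yields the string `OFF` rather than `0`, the issue would be raised on a correctly configured server. An explicit comparison would make the intent unambiguous, for example `if ($local_infile === 'ON' || (int)$local_infile === 1) {`. The message could also mention that the PHP client has its own switch (`mysqli.allow_local_infile`), since the server setting is only one half of the `LOAD DATA LOCAL INFILE` path and disabling both gives defense in depth. The enclosing method begins above the visible lines, and this view does not mark which side the block is on, so this note assumes it is the new code.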