[wp-trac] [WordPress Trac] #23140: WordPress giving too much info to end users on DB error
WordPress Trac
noreply at wordpress.org
Tue Jan 8 12:57:15 UTC 2013
#23140: WordPress giving too much info to end users on DB error
--------------------------+------------------------------
Reporter: AKTed | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Database | Version: 3.5
Severity: normal | Resolution:
Keywords: |
--------------------------+------------------------------
Comment (by AKTed):
While it is ''live'', as I mentioned it is for testing/staging, so it is
accessible to public. I need the notices and warnings. Since I'm not savvy
enough to configure my local XAMPP identical to my shared host I use a
live testbed.
But if it shows the same errors to end users, regardless of WP_DEBUG
setting, then it seems to be a major security issue. No one (other than
myself, those I choose, and my host) should have '''''any''''' way to know
my site's underlying file structure and DB host.
Since this is on my shared hosting account, my "for real" live site and my
testbed use the same DB servers. They do have their own DB's, though. I
imagine (but didn't have time to test) that when my testbed was down, my
live site was down as well.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/23140#comment:5>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list