Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

SecurityInfo Problems #3103

Closed
anonymous-piwik-user opened this Issue · 6 comments

2 participants

@anonymous-piwik-user

Hi!

I am trying to make my piwik installation as secure as possible using the Security plugin. I did research in the FAQ and other places and didn't find a solution! In my (windows) localhost I have no problems, but in my real server, I got several (8 in total)! One of them is:

Notice: Undefined offset:1 in /hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Test.php on line 538

Backtrace -->
#0 Piwik_ErrorHandler(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Test.php:538]#1 PhpSecInfo_Test->getUnixId(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Core/uid.php:57]#2 PhpSecInfo_Test_Core_Uid->_retrieveCurrentValue(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Test.php:118]#3 PhpSecInfo_Test->PhpSecInfo_Test(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/PhpSecInfo.php:276]#4 PhpSecInfo->runTests(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/PhpSecInfo.php:476]#5 PhpSecInfo->loadAndRun(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/Controller.php:28]#6 Piwik_SecurityInfo_Controller->index(...) called at [:]#7 call_user_func_array(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/core/FrontController.php:138]#8 Piwik_FrontController->dispatch(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/index.php:53]

The other 7 are variations of the above, with 1 substitued by 2, and 118 by 278. Any help would be very much appreciated!

Eduardo

@robocoder

What's the output of this script on your real host?

<?php  var_dump(exec('id'));
@anonymous-piwik-user

Replying to vipsoft:

What's the output of this script on your real host?

<?php  var_dump(exec('id'));

Hello vipsoft!!!

The output of the script in my real server is:

string(75) "uid=2705636(ipg.var4castcom) gid=15010(cgiuser) groups=15020,15010(cgiuser)" 
@robocoder

(In [6205]) refs #3103 - handle gid without group name; please test patch and provide feedback

@anonymous-piwik-user

Replying to vipsoft:

(In [6205]) refs #3103 - handle gid without group name; please test patch and provide feedback

Hi vipsoft!

Hier are the outputs:

Notice: Array to string conversion in /hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Test.php on line 537

Backtrace -->
#0 Piwik_ErrorHandler(...) called at [:]#1 explode(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Test.php:537]#2 PhpSecInfo_Test->getUnixId(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Core/uid.php:57]#3 PhpSecInfo_Test_Core_Uid->_retrieveCurrentValue(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Test.php:119]#4 PhpSecInfo_Test->PhpSecInfo_Test(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/PhpSecInfo.php:276]#5 PhpSecInfo->runTests(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/PhpSecInfo.php:476]#6 PhpSecInfo->loadAndRun(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/Controller.php:28]#7 Piwik_SecurityInfo_Controller->index(...) called at [:]#8 call_user_func_array(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/core/FrontController.php:138]#9 Piwik_FrontController->dispatch(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/index.php:53]
Notice: Array to string conversion in /hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Test.php on line 537

Backtrace -->
#0 Piwik_ErrorHandler(...) called at [:]#1 explode(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Test.php:537]#2 PhpSecInfo_Test->getUnixId(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Core/uid.php:48]#3 PhpSecInfo_Test_Core_Uid->isTestable(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/PhpSecInfo.php:278]#4 PhpSecInfo->runTests(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/PhpSecInfo.php:476]#5 PhpSecInfo->loadAndRun(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/Controller.php:28]#6 Piwik_SecurityInfo_Controller->index(...) called at [:]#7 call_user_func_array(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/core/FrontController.php:138]#8 Piwik_FrontController->dispatch(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/index.php:53]
Notice: Array to string conversion in /hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Test.php on line 537

Backtrace -->
#0 Piwik_ErrorHandler(...) called at [:]#1 explode(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Test.php:537]#2 PhpSecInfo_Test->getUnixId(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Core/gid.php:57]#3 PhpSecInfo_Test_Core_Gid->_retrieveCurrentValue(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Test.php:119]#4 PhpSecInfo_Test->PhpSecInfo_Test(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/PhpSecInfo.php:276]#5 PhpSecInfo->runTests(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/PhpSecInfo.php:476]#6 PhpSecInfo->loadAndRun(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/Controller.php:28]#7 Piwik_SecurityInfo_Controller->index(...) called at [:]#8 call_user_func_array(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/core/FrontController.php:138]#9 Piwik_FrontController->dispatch(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/index.php:53]
Notice: Array to string conversion in /hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Test.php on line 537

Backtrace -->
#0 Piwik_ErrorHandler(...) called at [:]#1 explode(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Test.php:537]#2 PhpSecInfo_Test->getUnixId(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/Test/Core/gid.php:49]#3 PhpSecInfo_Test_Core_Gid->isTestable(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/PhpSecInfo.php:278]#4 PhpSecInfo->runTests(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/PhpSecInfo/PhpSecInfo.php:476]#5 PhpSecInfo->loadAndRun(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/plugins/SecurityInfo/Controller.php:28]#6 Piwik_SecurityInfo_Controller->index(...) called at [:]#7 call_user_func_array(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/core/FrontController.php:138]#8 Piwik_FrontController->dispatch(...) called at [/hermes/bosweb/web197/b1970/ipg.var4castcom/piwik/index.php:53]

And the output of

var_dump(exec('id'));

is

string(75) "uid=2705636(ipg.var4castcom) gid=15010(cgiuser) groups=15020,15010(cgiuser)" 

Thanks so much for your concern and time!!!

Eduardo

@robocoder

It doesn't look like the patch applied cleanly because your line numbers don't jive with our copy. Please replace Test.php with this file from svn.

https://github.com/piwik/piwik/blob/master/6205/trunk/plugins/SecurityInfo/PhpSecInfo/Test/Test.php

@anonymous-piwik-user

Hi vipsoft!!!

Thanks so much!!!

All those messages are gone forever!!!

Have nice one!!!

Eduardo

This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.