PHPMYADMIN & Suhosin

Discussion in 'Installation/Configuration' started by vaio1, Mar 29, 2011.

  1. vaio1

    vaio1 ISPConfig Developer

    Hi guys,

    If I connect with phpmyadmin I get these messages:

    Code:
    Server running with Suhosin. Please refer to documentation for possible issues.
    Code:
    The additional features for working with linked tables have been deactivated. To find out why click here.
    If I click on the link suggested I can see these messages:
    Code:
    $cfg['Servers'][$i]['pmadb'] ... 	not OK [ Documentation ]
    $cfg['Servers'][$i]['relation'] ... 	not OK [ Documentation ]
    General relation features: Disabled
     
    $cfg['Servers'][$i]['table_info'] ... 	not OK [ Documentation ]
    Display Features: Disabled
     
    $cfg['Servers'][$i]['table_coords'] ... 	not OK [ Documentation ]
    $cfg['Servers'][$i]['pdf_pages'] ... 	not OK [ Documentation ]
    Creation of PDFs: Disabled
     
    $cfg['Servers'][$i]['column_info'] ... 	not OK [ Documentation ]
    Displaying Column Comments: Disabled
    Browser transformation: Disabled
     
    $cfg['Servers'][$i]['bookmarktable'] ... 	not OK [ Documentation ]
    Bookmarked SQL query: Disabled
     
    $cfg['Servers'][$i]['history'] ... 	not OK [ Documentation ]
    SQL history: Disabled
     
    $cfg['Servers'][$i]['designer_coords'] ... 	not OK [ Documentation ]
    Designer: Disabled
     
    $cfg['Servers'][$i]['tracking'] ... 	not OK [ Documentation ]
    Tracking: Disabled
    
    but the config file has been set in this way:

    Code:
    <?php
    /**
     * Debian local configuration file
     *
     * This file overrides the settings made by phpMyAdmin interactive setup
     * utility.
     *
     * For example configuration see /usr/share/doc/phpmyadmin/examples/config.default.php.gz
     *
     * NOTE: do not add security sensitive data to this file (like passwords)
     * unless you really know what you're doing. If you do, any user that can
     * run PHP or CGI on your webserver will be able to read them. If you still
     * want to do this, make sure to properly secure the access to this file
     * (also on the filesystem level).
     */
    
    /**
     * Server(s) configuration
     */
    $i = 0;
    // The $cfg['Servers'] array starts with $cfg['Servers'][1].  Do not use $cfg['Servers'][0].
    // You can disable a server config entry by setting host to ''.
    $i++;
    
    /**
     * Read configuration from dbconfig-common
     * You can regenerate it using: dpkg-reconfigure -plow phpmyadmin
     */
    if (is_readable('/etc/phpmyadmin/config-db.php')) {
        require('/etc/phpmyadmin/config-db.php');
    }
    
    /* Configure according to dbconfig-common if enabled */
    if (!empty($dbname)) {
        /* Authentication type */
        $cfg['Servers'][$i]['auth_type'] = 'cookie';
        /* Server parameters */
        if (empty($dbserver)) $dbserver = 'localhost';
        $cfg['Servers'][$i]['host'] = $dbserver;
    
        if (!empty($dbport)) {
            $cfg['Servers'][$i]['connect_type'] = 'tcp';
            $cfg['Servers'][$i]['port'] = $dbport;
        }
        //$cfg['Servers'][$i]['compress'] = false;
        /* Select mysqli if your server has it */
        $cfg['Servers'][$i]['extension'] = 'mysqli';
        /* Optional: User for advanced features */
        $cfg['Servers'][$i]['controluser'] = $dbuser;
        $cfg['Servers'][$i]['controlpass'] = $dbpass;
        /* Optional: Advanced phpMyAdmin features */
        $cfg['Servers'][$i]['pmadb'] = $dbname;
        $cfg['Servers'][$i]['bookmarktable'] = 'pma_bookmark';
        $cfg['Servers'][$i]['relation'] = 'pma_relation';
        $cfg['Servers'][$i]['table_info'] = 'pma_table_info';
        $cfg['Servers'][$i]['table_coords'] = 'pma_table_coords';
        $cfg['Servers'][$i]['pdf_pages'] = 'pma_pdf_pages';
        $cfg['Servers'][$i]['column_info'] = 'pma_column_info';
        $cfg['Servers'][$i]['history'] = 'pma_history';
        $cfg['Servers'][$i]['designer_coords'] = 'pma_designer_coords';
        $cfg['Servers'][$i]['tracking'] = 'pma_tracking';
    
    
    
    
        /* Uncomment the following to enable logging in to passwordless accounts,
         * after taking note of the associated security risks. */
        // $cfg['Servers'][$i]['AllowNoPassword'] = TRUE;
    
        /* Advance to next server for rest of config */
        $i++;
    }
    
    /* Authentication type */
    //$cfg['Servers'][$i]['auth_type'] = 'cookie';
    /* Server parameters */
    //$cfg['Servers'][$i]['host'] = 'localhost';
    //$cfg['Servers'][$i]['connect_type'] = 'tcp';
    //$cfg['Servers'][$i]['compress'] = false;
    /* Select mysqli if your server has it */
    //$cfg['Servers'][$i]['extension'] = 'mysql';
    /* Optional: User for advanced features */
    // $cfg['Servers'][$i]['controluser'] = 'pma';
    // $cfg['Servers'][$i]['controlpass'] = 'pmapass';
    
    /* Optional: Advanced phpMyAdmin features */
    // $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';
    // $cfg['Servers'][$i]['bookmarktable'] = 'pma_bookmark';
    // $cfg['Servers'][$i]['relation'] = 'pma_relation';
    // $cfg['Servers'][$i]['table_info'] = 'pma_table_info';
    // $cfg['Servers'][$i]['table_coords'] = 'pma_table_coords';
    // $cfg['Servers'][$i]['pdf_pages'] = 'pma_pdf_pages';
    // $cfg['Servers'][$i]['column_info'] = 'pma_column_info';
    // $cfg['Servers'][$i]['history'] = 'pma_history';
    // $cfg['Servers'][$i]['designer_coords'] = 'pma_designer_coords';
    /* Uncomment the following to enable logging in to passwordless accounts,
     * after taking note of the associated security risks. */
    // $cfg['Servers'][$i]['AllowNoPassword'] = TRUE;
    
    /*
     * End of servers configuration
     */
    
    /*
     * Directories for saving/loading files from server
     */
    $cfg['UploadDir'] = '';
    $cfg['SaveDir'] = '';
    
    what's the problem?
    thanks
     
  2. falko

    falko Super Moderator

    Does it work if you disable Suhosin?
     
  3. vaio1

    vaio1 ISPConfig Developer

    How have I disable it?
     
  4. falko

    falko Super Moderator

    Is there a suhosin.ini in /etc/php5/conf.d/? If so, you can disable it there. Restart Apache afterwards.
     
  5. vaio1

    vaio1 ISPConfig Developer

    yes I have seen it but which is the command that I have to write in suhosin.ini file in order to disable it?
     
  6. falko

    falko Super Moderator

    Can you post the contents of your suhosin.ini?
     
  7. vaio1

    vaio1 ISPConfig Developer

    Code:
    ; configuration for php suhosin module
    extension=suhosin.so
    
    ;;;;;;;;;;;;;;;;;;;
    ; Module Settings ;
    ;;;;;;;;;;;;;;;;;;;
    ; the following values are the internal default settings and set implicit
    ; feel free to modify to your needs
    ; documentation can be found at:
    ; http://www.hardened-php.net/suhosin/configuration.html
    ; or have a look into /usr/share/doc/php5-suhosin/examples/suhosin.ini.gz
    
    [suhosin]
    suhosin.session.encrypt = Off
    ; Logging Configuration
    ;suhosin.log.syslog =
    ;suhosin.log.syslog.facility = 9
    ;suhosin.log.syslog.priority = 1
    ;suhosin.log.sapi =
    ;suhosin.log.script = 0
    ;suhosin.log.phpscript = 0
    ;suhosin.log.script.name =
    ;suhosin.log.phpscript.name =
    ;suhosin.log.use-x-forwarded-for = off
    
    ; Executor Options
    ;suhosin.executor.max_depth = 0
    ;suhosin.executor.include.max_traversal = 0
    ;suhosin.executor.include.whitelist =
    ;suhosin.executor.include.blacklist =
    ;suhosin.executor.include.allow_writable_files = on
    ;suhosin.executor.func.whitelist =
    ;suhosin.executor.func.blacklist =
    ;suhosin.executor.eval.whitelist =
    ;suhosin.executor.eval.blacklist =
    ;suhosin.executor.disable_eval = off
    ;suhosin.executor.disable_emodifier = off
    ;suhosin.executor.allow_symlink = off
    
    ; Misc Options
    ;suhosin.simulation = off
    ;suhosin.apc_bug_workaround = off
    ;suhosin.sql.bailout_on_error = off
    ;suhosin.sql.user_prefix =
    ;suhosin.sql.user_postfix =
    ;suhosin.multiheader = off
    ;suhosin.mail.protect = 0
    ;suhosin.memory_limit = 0
    
    ; Transparent Encryption Options
    ;suhosin.session.encrypt = on
    ;suhosin.session.cryptkey =
    ;suhosin.session.cryptua = on
    ;suhosin.session.cryptdocroot = on
    ;suhosin.session.cryptraddr = 0
    ;suhosin.session.checkraddr = 0
    ;suhosin.cookie.encrypt = on
    ;suhosin.cookie.cryptkey =
    ;suhosin.cookie.cryptua = on
    ;suhosin.cookie.cryptdocroot = on
    ;suhosin.cookie.cryptraddr = 0
    ;suhosin.cookie.checkraddr = 0
    ;suhosin.cookie.cryptlist =
    ;suhosin.cookie.plainlist =
    
    ; Randomness
    ;suhosin.srand.ignore = on
    ;suhosin.mt_srand.ignore = on
    
    ; Filtering Options
    ;suhosin.filter.action =
    ;suhosin.cookie.max_array_depth = 100
    ;suhosin.cookie.max_array_index_length = 64
    ;suhosin.cookie.max_name_length = 64
    ;suhosin.cookie.max_totalname_length = 256
    ;suhosin.cookie.max_value_length = 10000
    ;suhosin.cookie.max_vars = 100
    ;suhosin.cookie.disallow_nul = on
    ;suhosin.get.max_array_depth = 50
    ;suhosin.get.max_array_index_length = 64
    ;suhosin.get.max_name_length = 64
    ;suhosin.get.max_totalname_length = 256
    ;suhosin.get.max_value_length = 512
    ;suhosin.get.max_vars = 100
    ;suhosin.get.disallow_nul = on
    ;suhosin.post.max_array_depth = 100
    ;suhosin.post.max_array_index_length = 64
    ;suhosin.post.max_name_length = 64
    ;suhosin.post.max_totalname_length = 256
    ;suhosin.post.max_value_length = 1000000
    ;suhosin.post.max_vars = 1000
    ;suhosin.post.disallow_nul = on
    ;suhosin.request.max_array_depth = 100
    ;suhosin.request.max_array_index_length = 64
    ;suhosin.request.max_totalname_length = 256
    ;suhosin.request.max_value_length = 1000000
    ;suhosin.request.max_vars = 1000
    ;suhosin.request.max_varname_length = 64
    ;suhosin.request.disallow_nul = on
    ;suhosin.server.encode = on
    ;suhosin.server.strip = on
    ;suhosin.upload.max_uploads = 25
    ;suhosin.upload.disallow_elf = on
    ;suhosin.upload.disallow_binary = off
    ;suhosin.upload.remove_binary = off
    ;suhosin.upload.verification_script =
    ;suhosin.session.max_id_length = 128
    ;suhosin.coredump = off
    ;suhosin.protectkey = 1
    ;suhosin.stealth = 1
    ;suhosin.perdir = "0"
    
     
  8. falko

    falko Super Moderator

    Comment out the lines
    Code:
    extension=suhosin.so
    and
    Code:
    suhosin.session.encrypt = Off
    with a semicolon in the beginning and restart Apache.
     
  9. vaio1

    vaio1 ISPConfig Developer

    Perfect!
    but the phpmyadmin replies me that there are additional features for working with linked tables have been deactivated.

    Code:
    $cfg['Servers'][$i]['pmadb'] ... 	not OK [ Documentation ]
    $cfg['Servers'][$i]['relation'] ... 	not OK [ Documentation ]
    General relation features: Disabled
     
    $cfg['Servers'][$i]['table_info'] ... 	not OK [ Documentation ]
    Display Features: Disabled
     
    $cfg['Servers'][$i]['table_coords'] ... 	not OK [ Documentation ]
    $cfg['Servers'][$i]['pdf_pages'] ... 	not OK [ Documentation ]
    Creation of PDFs: Disabled
     
    $cfg['Servers'][$i]['column_info'] ... 	not OK [ Documentation ]
    Displaying Column Comments: Disabled
    Browser transformation: Disabled
     
    $cfg['Servers'][$i]['bookmarktable'] ... 	not OK [ Documentation ]
    Bookmarked SQL query: Disabled
     
    $cfg['Servers'][$i]['history'] ... 	not OK [ Documentation ]
    SQL history: Disabled
     
    $cfg['Servers'][$i]['designer_coords'] ... 	not OK [ Documentation ]
    Designer: Disabled
     
    $cfg['Servers'][$i]['tracking'] ... 	not OK [ Documentation ]
    Tracking: Disabled
     
    Open new phpMyAdmin window 
    
    thanks
     
  10. esezako

    esezako New Member


    I have the same problem.
     
  11. mascoxx

    mascoxx New Member

    Me too :)

    Any news?
     
  12. mascoxx

    mascoxx New Member

Share This Page