[Phpmyadmin-devel] about ShowServerInfo

Sebastian Mendel lists at sebastianmendel.de
Wed Dec 16 12:48:35 CET 2009


Am 11.12.2009 14:29, schrieb Herman van Rink:
> Marc Delisle wrote:
>> Herman van Rink a ├ęcrit :
>>> I can imagine that some people would rather obscure these facts from
>>> view.
>>> So yes, lets make ShowServerInfo realy mean all that server info.
>>
>> I'm working on it.
>>> In that same reasoning maybe we should also offer an option to not
>>> display the phpMyAdmin version.
>>>
>> I would wait about this one.
> The Drupal community has had a lengthy discussion about this:
> http://drupal.org/node/79018
> A good point in made about not relying on security by obscurity.
>
> In a similar fashion we could include a small note in the documentation
> about which files to delete/hide/make unreadable to keep this info from
> just every web-client.

no one relies on security by obscurity - at least not here in the pma 
devel team, IMHO

it is just an information disclosure we (hm, at least i am listening) 
are talking here about

let the user choose whether to display the information or not - even if 
i think it makes not much sense

at least most of the MySQL Server related information can be gathered by 
simple SQL statements


-- 
Sebastian Mendel




More information about the Developers mailing list