Last modified: 2013-01-09 11:15:19 UTC
When your php has Suhosin support, php update.php throws this message suhosin[29923]: ALERT - script tried to disable memory_limit by setting it to a negative value -1 bytes which is not allowed (attacker 'REMOTE_ADDR not set', file '/srv/www-ssl/htdocs/phase3/maintenance/Maintenance.php', line 546)
(In reply to comment #0) > When your php has Suhosin support, php update.php throws this message > > suhosin[29923]: ALERT - script tried to disable memory_limit by setting it > to a > negative value -1 bytes which is not allowed (attacker 'REMOTE_ADDR not set', > file '/srv/www-ssl/htdocs/phase3/maintenance/Maintenance.php', line 546) I doubt there's much we can do about this. We have legitimate reasons for disabling the memory limit here. Does this just give an alert, or does it also prevent the script from executing? Perhaps we could set the limit to a couple gigabytes instead or something.
Brian, it's only an alert, the script runs - at least what I can see in the console. I just want to inform everyone about this behaviour (not everyone runs Suhosin). I suppose however, that Suhosin effectively prevents the update,php from actually increasing the memory, so update,php _may_ fail because of exhausted memory. "I am not an expert in this field, only the reporter." If you want me to test something, let me know.
>Brian, it's only an alert, the script runs - at least what I can see in the >console. I just want to inform everyone about this behaviour (not everyone runs >Suhosin). I was just checking from a "how critical is this" perspective. The warning isn't great, but not as bad as if this prevent the script from running.
btw, changing components, since this is something that gets done for all maintenance scripts, not just the updater.
Disable this check for command-line PHP: http://www.hardened-php.net/suhosin/configuration.html#suhosin.memory_limit Working around it is not possible because some command-line scripts have a valid reason to demand a lot of memory, and not requesting it would mean that they will fail.