[Pkg-cacti-maint] Bug#566609: Bug#566609: bug not in cacti

Francois Beaulieu francois.beaulieu at securebyknowledge.com
Thu May 3 18:02:22 UTC 2012

On 2012-05-03, at 12:42 PM, Paul Gevers wrote:

On 03-05-12 00:38, Francois Beaulieu wrote:
It appears to be solved upstream:

Which part?

I have not had a chance to verify it personally, but they seem to no longer use ini_set within cmd.php or other cacti php scripts, according to the notes. This would mean that we would not need to modify the scripts to add --define suhosin.memory_limit to script calls.


This change (revision 5717) never made it completely to the 0.8.X branch
and remained in main. They did make nearly the same change to the 0.8.7
branch in revision 5743 (April 2010), without the configuration part.

Has it made it into v0.8.8? The case notes certainly indiciate that it did.

- on which version of cacti did you do your verifications?

I have not tested against any versions other than the v0.8.7g provided by Debian.

- do we still need the --define suhosin.memory_limit lines, even if a
proper memory_limit is set by cacti's scripts? As I understand it, yes,
or are those suhosin limits taken from the php memory_limit?

We will need to define suhosin.memory_limit in all versions that don't include the fix. From my understanding of the fix, users may also need to add it manually to the scripts in the fixed version if they define a non-standard memory_limit in config.pgp. However, since by default the memory_limit will be fixed to 512M globally, no script will use ini_set to increase its memory, and suhosin will thus no longer complain even when suhosin.memory_limit isn't defined. This is my understanding, but is untested, so it may be wrong. (I have no time to set up and est a non-debian version right now.)

François Beaulieu
Courriel: francois.beaulieu at securebyknowledge.com<mailto:francois.beaulieu at securebyknowledge.com> | Web: www.securebyknowledge.com<http://www.securebyknowledge.com/>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-cacti-maint/attachments/20120503/c92a96d4/attachment.html>

More information about the Pkg-cacti-maint mailing list