Friday, August 19, 2005

postNuke got Nuked

Got a fright when I found that my project site on sourceforge was down. Some cryptic message about Smarty.class.php not able to write to a directory. I checked the dir which postNuke uses to confirm that it was chmodded 777.

I then did some googling, and I read that some guys from postNuke have found some exploits namely xmlrpc.php etc, etc...

So I became paranoid and jumped to the conclusion that the site was down because of some flaw. So since it was working before Monday, I asked support at to rollback my site to then, and hopefully I can patch things up.
So I sent in an issue, and today I got this response:

(2005-08-15 10:53:57 - Project Web Service)
Inquiries regarding Internal Service Errors should be directed to the administrator for the project managing that project web site; some web-based applications (maintained by individual projects) will malfunction due to the read-only remount of the project group directories; data needs to be moved to the project MySQL database, or the /tmp/persistent directory
structure as per

So that was all to it! They remounted the drives to be read only, which means my temp drive for postNuke had to be redirected to /tmp/persistent/...
So I changed the config.php settings, and voila, it worked.


2 lewsers:

Jason Lim said...

Is this related to the problem as well?

Yoon Kit said...

looks like it.
Whatever it was, Ive disabled that file...