diff options
Diffstat (limited to 'config/global.ini.php')
-rw-r--r-- | config/global.ini.php | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/config/global.ini.php b/config/global.ini.php index af3eb6f7b8..d12f73c1c0 100644 --- a/config/global.ini.php +++ b/config/global.ini.php @@ -539,6 +539,11 @@ enable_load_data_infile = 1 ; - links to Uninstall themes will be disabled (but user can still enable/disable themes) enable_plugins_admin = 1 +; By setting this option to 1, it will be possible for Super Users to upload Piwik plugin ZIP archives directly in Piwik Administration. +; Enabling this opens a remote code execution vulnerability where +; an attacker who gained Super User access could execute custom PHP code in a Piwik plugin. +enable_plugin_upload = 0 + ; By setting this option to 0, you can prevent Super User from editing the Geolocation settings. enable_geolocation_admin = 1 |