/dev/urandom is not readable by PHP which is highly discouraged for security reasons

80x-older-eol

#1

Hello! Help please correct the error /dev/urandom is not readable by PHP which is highly discouraged for security reasons

ownCloud 8.0.16, OS Windows server, HTTP OpenServer

php.ini

`[PHP]
;user_ini.filename = ".user.ini"
;user_ini.filename =
;user_ini.cache_ttl = 300

engine = On
short_open_tag = On
asp_tags = Off
precision = 14
output_buffering = off
;output_handler =
zlib.output_compression = Off
;zlib.output_compression_level = -1
;zlib.output_handler =
implicit_flush = Off
unserialize_callback_func =
serialize_precision = 17

; --------------------------------------------
; Установка защиты от внешнего доступа
; См. Руководство Пользователя: Защита сервера
; --------------------------------------------
%disallow%open_basedir = "%ssitedir%;%sprogdir%/userdata/temp;%sprogdir%/modules/system/html/openserver;%sprogdir%/modules/php/%phpdriver%"
%disallow%disable_functions = exec,system,shell_exec,passthru,popen,pclose,dl,apache_note,apache_setenv,define_syslog_variables,pcntl_exec,syslog,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,apache_child_terminate,posix_getpwuid
; --------------------------------------------

disable_classes =
;highlight.string = #DD0000
;highlight.comment = #FF9900
;highlight.keyword = #007700
;highlight.default = #0000BB
;highlight.html = #000000

ignore_user_abort = Off
realpath_cache_size=2048k
realpath_cache_ttl=600
zend.enable_gc = On
;zend.multibyte = Off
;zend.script_encoding =

expose_php = Off
max_execution_time = 180
max_input_time = 180
;max_input_nesting_level = 64
; max_input_vars = 1000
memory_limit = 1536M

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Error handling and logging ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0)
; E_ERROR - fatal run-time errors
; E_RECOVERABLE_ERROR - almost fatal run-time errors
; E_WARNING - run-time warnings (non-fatal errors)
; E_PARSE - compile-time parse errors
; E_NOTICE - run-time notices (these are warnings which often result
; from a bug in your code, but it's possible that it was
; intentional (e.g., using an uninitialized variable and
; relying on the fact it's automatically initialized to an
; empty string)
; E_STRICT - run-time notices, enable to have PHP suggest changes
; to your code which will ensure the best interoperability
; and forward compatibility of your code
; E_CORE_ERROR - fatal errors that occur during PHP's initial startup
; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's
; initial startup
; E_COMPILE_ERROR - fatal compile-time errors
; E_COMPILE_WARNING - compile-time warnings (non-fatal errors)
; E_USER_ERROR - user-generated error message
; E_USER_WARNING - user-generated warning message
; E_USER_NOTICE - user-generated notice message
; E_DEPRECATED - warn about code that will not work in future versions
; of PHP
; E_USER_DEPRECATED - user-generated deprecation warnings
;
; Common Values:
; E_ALL (Show all errors, warnings and notices including coding standards.)
; E_ALL & ~E_NOTICE (Show all errors, except for notices)
; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.)
; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors)
; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED
; Development Value: E_ALL
; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT
; http://php.net/error-reporting
error_reporting = E_ALL & ~E_NOTICE & ~E_DEPRECATED & ~E_STRICT
display_errors = On
display_startup_errors = On
log_errors = On

log_errors_max_len = 1024
ignore_repeated_errors = Off
ignore_repeated_source = Off
report_memleaks = Off
;report_zend_debug = 0
track_errors = On
;xmlrpc_errors = 0
;xmlrpc_error_number = 0
html_errors = On
;docref_root = "/phpmanual/"
;docref_ext = .html
;error_prepend_string = ""
;error_append_string = "
"
error_log = "%sprogdir%/userdata/logs/%phpdriver%_error.log"
;windows.show_crt_warning

;arg_separator.output = "&"
;arg_separator.input = ";&"
variables_order = "GPCS"
request_order = "GP"
register_argc_argv = On
auto_globals_jit = On
;enable_post_data_reading = Off
auto_prepend_file =
auto_append_file =
default_mimetype = "text/html"
;default_charset = "UTF-8"
;always_populate_raw_post_data = On

include_path = ".;%sprogdir%/modules/php/%phpdriver%;%sprogdir%/modules/php/%phpdriver%/PEAR/pear"
doc_root =
user_dir =
extension_dir = "%sprogdir%/modules/php/%phpdriver%/ext/"
enable_dl = Off

cgi.force_redirect = 0
cgi.fix_pathinfo=0
fastcgi.impersonate = 0
fastcgi.logging = 0
cgi.nph = 0
cgi.rfc2616_headers = 0

file_uploads = On
upload_tmp_dir = "%sprogdir%/userdata/temp/"
upload_max_filesize = 100M
post_max_size = 100M
max_file_uploads = 20

allow_url_fopen = On
allow_url_include = Off
;from="john@doe.com"
;user_agent="PHP"
default_socket_timeout = 60
;auto_detect_line_endings = Off

extension=php_mbstring.dll
extension=php_bz2.dll
;extension=php_com_dotnet.dll
extension=php_curl.dll
;extension=php_enchant.dll
extension=php_exif.dll
extension=php_fileinfo.dll
extension=php_gd2.dll
extension=php_gettext.dll
;extension=php_gmp.dll
extension=php_imap.dll
;extension=php_interbase.dll
;extension=php_intl.dll
;extension=php_ldap.dll
extension=php_memcache.dll
extension=php_mongo.dll
extension=php_mongodb.dll
extension=php_mysql.dll
extension=php_mysqli.dll
;extension=php_oci8_12c.dll
extension=php_openssl.dll
;extension=php_pdo_firebird.dll
extension=php_pdo_mysql.dll
;extension=php_pdo_oci.dll
;extension=php_pdo_odbc.dll
extension=php_pdo_pgsql.dll
extension=php_pdo_sqlite.dll
;extension=php_pgsql.dll
;extension=php_phalcon.dll
extension=php_redis.dll
;extension=php_shmop.dll
; The MIBS data available in the PHP distribution must be installed.
; See http://www.php.net/manual/en/snmp.installation.php
;extension=php_snmp.dll
extension=php_soap.dll
extension=php_sockets.dll
extension=php_sqlite3.dll
;extension=php_sybase_ct.dll
;extension=php_tidy.dll
extension=php_timezonedb.dll
extension=php_xmlrpc.dll
extension=php_xsl.dll

[CLI Server]
cli_server.color = On

[curl]
curl.cainfo = "%sprogdir%/modules/php/%phpdriver%/cacert.pem"

[Date]
date.timezone = "Europe/Moscow"
;date.default_latitude = 31.7667
;date.default_longitude = 35.2333
;date.sunrise_zenith = 90.583333
;date.sunset_zenith = 90.583333

[filter]
;filter.default = unsafe_raw
;filter.default_flags =

[iconv]
;iconv.input_encoding = ISO-8859-1
;iconv.internal_encoding = ISO-8859-1
;iconv.output_encoding = ISO-8859-1

[intl]
;intl.default_locale =
;intl.error_level = E_WARNING

[sqlite]
;sqlite.assoc_case = 0

[sqlite3]
;sqlite3.extension_dir =

[Pcre]
;pcre.backtrack_limit=100000
;pcre.recursion_limit=100000

[Pdo]
;pdo_odbc.connection_pooling=strict
;pdo_odbc.db2_instance_name

[Pdo_mysql]
pdo_mysql.cache_size = 2000
pdo_mysql.default_socket=

[Phar]
;phar.readonly = On
;phar.require_hash = On
;phar.cache_list =

[mail function]
;SMTP = localhost
;smtp_port = 25
;sendmail_from = me@example.com
sendmail_path = "%mailway%"
;mail.force_extra_parameters =
mail.add_x_header = On
;mail.log =

[SQL]
sql.safe_mode = Off

[ODBC]
;odbc.default_db = Not yet implemented
;odbc.default_user = Not yet implemented
;odbc.default_pw = Not yet implemented
;odbc.default_cursortype
odbc.allow_persistent = On
odbc.check_persistent = On
odbc.max_persistent = -1
odbc.max_links = -1
odbc.defaultlrl = 4096
odbc.defaultbinmode = 1
;birdstep.max_links = -1

[Interbase]
ibase.allow_persistent = 1
ibase.max_persistent = -1
ibase.max_links = -1
;ibase.default_db =
;ibase.default_user =
;ibase.default_password =
;ibase.default_charset =
ibase.timestampformat = "%Y-%m-%d %H:%M:%S"
ibase.dateformat = "%Y-%m-%d"
ibase.timeformat = "%H:%M:%S"

[MySQL]
mysql.allow_local_infile = On
mysql.allow_persistent = On
mysql.cache_size = 2000
mysql.max_persistent = -1
mysql.max_links = -1
mysql.default_port = %mysqlport%
mysql.default_socket =
mysql.default_host =
mysql.default_user =
mysql.default_password =
mysql.connect_timeout = 60
mysql.trace_mode = Off

[MySQLi]
mysqli.max_persistent = -1
;mysqli.allow_local_infile = On
mysqli.allow_persistent = On
mysqli.max_links = -1
mysqli.cache_size = 2000
mysqli.default_port = %mysqlport%
mysqli.default_socket =
mysqli.default_host =
mysqli.default_user =
mysqli.default_pw =
mysqli.reconnect = Off

[mysqlnd]
mysqlnd.collect_statistics = On
mysqlnd.collect_memory_statistics = On
;mysqlnd.net_cmd_buffer_size = 2048
;mysqlnd.net_read_buffer_size = 32768

[OCI8]
;oci8.privileged_connect = Off
;oci8.max_persistent = -1
;oci8.persistent_timeout = -1
;oci8.ping_interval = 60
;oci8.connection_class =
;oci8.events = Off
;oci8.statement_cache_size = 20
;oci8.default_prefetch = 100
;oci8.old_oci_close_semantics = Off

[PostgreSQL]
pgsql.allow_persistent = On
pgsql.auto_reset_persistent = Off
pgsql.max_persistent = -1
pgsql.max_links = -1
pgsql.ignore_notice = 0
pgsql.log_notice = 0

[Sybase-CT]
sybct.allow_persistent = On
sybct.max_persistent = -1
sybct.max_links = -1
sybct.min_server_severity = 10
sybct.min_client_severity = 10
;sybct.timeout=
;sybct.packet_size
;sybct.login_timeout=
;sybct.hostname=
;sybct.deadlock_retry_count=

[bcmath]
bcmath.scale = 0

[browscap]
;browscap = "%sprogdir%/modules/php/%phpdriver%/browscap.ini"

[Session]
session.save_handler = files
session.save_path = "%sprogdir%/userdata/temp/"
session.use_cookies = 1
;session.cookie_secure =
session.use_only_cookies = 1
session.name = PHPSESSID
session.auto_start = 0
session.cookie_lifetime = 0
session.cookie_path = /
session.cookie_domain =
session.cookie_httponly =
session.serialize_handler = php
session.gc_probability = 1
session.gc_divisor = 1000
session.gc_maxlifetime = 1440
session.bug_compat_42 = On
session.bug_compat_warn = On
session.referer_check =
;session.entropy_length = 32
session.entropy_file = /dev/urandom
session.cache_limiter = nocache
session.cache_expire = 180
session.use_trans_sid = 0
session.hash_function = 0
session.hash_bits_per_character = 5
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
;session.upload_progress.enabled = On
;session.upload_progress.cleanup = On
;session.upload_progress.prefix = "upload_progress_"
;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS"
;session.upload_progress.freq = "1%"
;session.upload_progress.min_freq = "1"

[MSSQL]
mssql.allow_persistent = On
mssql.max_persistent = -1
mssql.max_links = -1
mssql.min_error_severity = 10
mssql.min_message_severity = 10
mssql.compatability_mode = Off
;mssql.connect_timeout = 5
;mssql.timeout = 60
;mssql.textlimit = 4096
;mssql.textsize = 4096
;mssql.batchsize = 0
;mssql.datetimeconvert = On
mssql.secure_connection = Off
;mssql.max_procs = -1
;mssql.charset = "ISO-8859-1"

[Assertion]
;assert.active = On
;assert.warning = On
;assert.bail = Off
;assert.callback = 0
;assert.quiet_eval = 0

[COM]
;com.typelib_file =
;com.allow_dcom = true
;com.autoregister_typelib = true
;com.autoregister_casesensitive = false
;com.autoregister_verbose = true
;com.code_page=

[mbstring]
;mbstring.language = Japanese
;mbstring.internal_encoding = EUC-JP
;mbstring.http_input = auto
;mbstring.http_output = SJIS
;mbstring.encoding_translation = Off
;mbstring.detect_order = auto
;mbstring.substitute_character = none;
;mbstring.func_overload = 0
;mbstring.strict_detection = Off
;mbstring.http_output_conv_mimetype=

[gd]
gd.jpeg_ignore_warning = 1

[exif]
;exif.encode_unicode = ISO-8859-15
;exif.decode_unicode_motorola = UCS-2BE
;exif.decode_unicode_intel = UCS-2LE
;exif.encode_jis =
;exif.decode_jis_motorola = JIS
;exif.decode_jis_intel = JIS

[Tidy]
;tidy.default_config = /usr/local/lib/php/default.tcfg
tidy.clean_output = Off

[soap]
soap.wsdl_cache_enabled=1
soap.wsdl_cache_dir="%sprogdir%/userdata/temp"
soap.wsdl_cache_ttl=86400
soap.wsdl_cache_limit = 5

[sysvshm]
;sysvshm.init_mem = 10000

[ldap]
ldap.max_links = -1

[mcrypt]
;mcrypt.algorithms_dir=
;mcrypt.modes_dir=

[dba]
;dba.default_handler=

[openssl]
openssl.cafile="%sprogdir%/modules/php/%phpdriver%/cacert.pem"
;openssl.capath=

[Ioncube Loader]
;zend_extension="%sprogdir%/modules/php/%phpdriver%/ext/php_ioncube.dll"

[opcache]
; Внимание! Данное расширение не работает под Windows.
; Возможно падение сервера в процессе работы или отказ запуска!
;zend_extension="%sprogdir%/modules/php/%phpdriver%/ext/php_opcache.dll"
;opcache.enable=1
;opcache.enable_cli=0
;opcache.memory_consumption=64
;opcache.interned_strings_buffer=4
;opcache.max_accelerated_files=2000
;opcache.max_wasted_percentage=5
;opcache.use_cwd=1
;opcache.validate_timestamps=1
;opcache.revalidate_freq=2
;opcache.revalidate_path=0
;opcache.save_comments=0
;opcache.load_comments=0
;opcache.fast_shutdown=1
;opcache.enable_file_override=0
;opcache.optimization_level=0xffffffff
;;opcache.inherited_hack=1
;;opcache.dups_fix=0
;;opcache.blacklist_filename=
;;opcache.max_file_size=0
;;opcache.consistency_checks=0
;;opcache.force_restart_timeout=180
;;opcache.error_log=
;;opcache.log_verbosity_level=1
;;opcache.preferred_memory_model=
;;opcache.protect_memory=1

[Xdebug]
;zend_extension="%sprogdir%/modules/php/%phpdriver%/ext/php_xdebug.dll"
;xdebug.default_enable = 1
xdebug.auto_trace = 0
xdebug.collect_includes = 1
;xdebug.collect_params = 4
;xdebug.collect_return = 1
;xdebug.collect_assignments = 1
;xdebug.collect_vars = 1
xdebug.dump.REQUEST = *
xdebug.dump.SESSION = *
xdebug.dump.SERVER = REMOTE_ADDR,REQUEST_METHOD
;xdebug.dump.COOKIE =
;xdebug.dump.FILES =
;xdebug.dump.GET =
;xdebug.dump.POST =
xdebug.dump_globals = 1
xdebug.dump_once = 1
xdebug.dump_undefined = 1
xdebug.extended_info = 1
;xdebug.file_link_format = ""
;xdebug.idekey = ""
;xdebug.manual_url = "http://www.php.net"
xdebug.max_nesting_level = 256
xdebug.overload_var_dump = 1
;xdebug.profiler_append = 1
xdebug.profiler_enable = 0
xdebug.profiler_enable_trigger = 0
xdebug.profiler_output_dir="%sprogdir%/userdata/temp/xdebug/"
xdebug.profiler_output_name = "cachegrind.out.%H%R"
;xdebug.remote_autostart = 0
;xdebug.remote_enable = 1
;xdebug.remote_handler = "dbgp"
;xdebug.remote_host = "localhost"
;xdebug.remote_log = "none"
;xdebug.remote_mode = "req"
;xdebug.remote_port = 9000
;xdebug.scream = 1
;xdebug.show_exception_trace = 0
;xdebug.show_local_vars = 1
;xdebug.show_mem_delta = 1
;xdebug.trace_format = 1
;xdebug.trace_options = 1
xdebug.trace_output_dir = "%sprogdir%/userdata/temp/xdebug/"
;xdebug.trace_output_name = "trace.%H%R"
xdebug.var_display_max_children = 256
;xdebug.var_display_max_data = 1024
xdebug.var_display_max_depth = 16
;xdebug.remote_cookie_expire_time = 3600
`


#2

There are discussions:


The use of this unsupported and unsecure ownCloud version is highly discouraged!
Also, if issues are fixed, they won't be backported to this version, there were different issues with Windows as host OS:
https://owncloud.org/blog/owncloud-server-8-1-will-not-support-windows-as-server-platform-natively/