Unfortunately Matt, I saw the same situation as described by the “hacker” on Root’s site. Navigating to Root’s blog (on one occasion only) bought up the “Are you ready to install message”.
Now, here’s what could have happened. MySQL could have incorrectly reported the results for select count(*) from wp_users (corruption in datastream, db server flakiness, incorrect retrieval of values from config file for table prefix, whatever).
Hmmm… going to root’s blog, I just saw the install message again. Clicked refresh and it’s gone i.e. usual blog entries.
Something could have happened to Root’s database that caused install.php to think there was no blog, but there is nothing in install.php that could have deleted anything. It sounds like there is a problem with his host or something strange. We should wait until he can send full logs and messages to the dev team to see if there’s anything amiss here. It could also be operator error.
Matt, I agree completely. Apologies for the wild suppositions.
If the db was trashed, and it’s started from scratch it shouldn’t still carry any need for a fresh install?
hmm. my webhost recently redid some php commands, like chr, on the server side, to block attacks.
one domain owner had reported a problem of someone breaking into his blog, and the web host took down the php server side and fixed chr and a number of others.
sorry, I don’t have a list handy.
The chr vulnerability was related to phpBB. I’m going to close this thread since it’s just all speculation at this point. If Root (or anyone) thinks they’ve found a security vulnerability with WordPress please send a message to security@wordpress.org and we’ll examine it carefully and if necessary respond appropiately with a new release, patch, or announcement.
Root, if you have more information and want me to re-open the thread, drop me a note.
