I have often wondered why the MediaWiki web installer makes you download LocalSettings.php and upload it yourself instead of just writing the file to the web server for you. Does anyone know why this is the case?
Topic on Project:Support desk
the old installer (pre 1.16) did this.
Its to promote security best practise - its best if the webserver doesn't have write access to any file that gets executed. This helps in the case that a hacker finds some vulnerability. We dont create the file in order to encourage people to set up their webserver so that creating the file is impossible.
Aha, sounds reasonable. Guess I've been giving my www
too many permissions, then.