GNUsocial/gnu-social
4
0
Fork 1
Code Issues Releases Wiki Activity

chmod 0775 directories we create

Browse Source 
Security for the 'g+rx' should be handle by having the parent directory
inaccessible for global users, which is usually the case.
This commit is contained in:
Mikael Nordfeldth 2016-03-07 23:23:32 +01:00
parent 4e5c0e70a6
commit cfc82591da
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
lib/gnusocial.php
View File

@ -461,6 +461,9 @@ class GNUsocial
if (!mkdir($dir)) { if (!mkdir($dir)) {
throw new ConfigException('Could not create directory for '._ve($description).': '._ve($dir)); throw new ConfigException('Could not create directory for '._ve($description).': '._ve($dir));
} }
if (!chmod($dir, 0775)) {
common_log(LOG_WARNING, 'Could not chmod 0775 on directory for '._ve($description).': '._ve($dir));
}
} }
if (!is_array(common_config('public', 'autosource'))) { if (!is_array(common_config('public', 'autosource'))) {