forked from GNUsocial/gnu-social
chmod 0775 directories we create
Security for the 'g+rx' should be handle by having the parent directory inaccessible for global users, which is usually the case.
This commit is contained in:
parent
4e5c0e70a6
commit
cfc82591da
@ -461,6 +461,9 @@ class GNUsocial
|
|||||||
if (!mkdir($dir)) {
|
if (!mkdir($dir)) {
|
||||||
throw new ConfigException('Could not create directory for '._ve($description).': '._ve($dir));
|
throw new ConfigException('Could not create directory for '._ve($description).': '._ve($dir));
|
||||||
}
|
}
|
||||||
|
if (!chmod($dir, 0775)) {
|
||||||
|
common_log(LOG_WARNING, 'Could not chmod 0775 on directory for '._ve($description).': '._ve($dir));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!is_array(common_config('public', 'autosource'))) {
|
if (!is_array(common_config('public', 'autosource'))) {
|
||||||
|
Loading…
Reference in New Issue
Block a user