authorlpsolit%gmail.com <>2005-12-12 11:55:46 +0100
committerlpsolit%gmail.com <>2005-12-12 11:55:46 +0100
commit545a57e3d1866c18cce29dae67da2bd48e775ef0 (patch)
treec5bd928be033661a661e2caf1b00718cad898595
parentc7bb724eb31f848e3d6f78fdcee5ee70ab0516ac (diff)
downloadbugzilla-545a57e3d1866c18cce29dae67da2bd48e775ef0.tar.gz
bugzilla-545a57e3d1866c18cce29dae67da2bd48e775ef0.tar.xz
Bug 319241: Bugzilla.pm is freely accessible from the web - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=myk
-rwxr-xr-xchecksetup.pl10
1 files changed, 9 insertions, 1 deletions
diff --git a/checksetup.pl b/checksetup.pl
index 5d901b646..614d1d7aa 100755
--- a/checksetup.pl
+++ b/checksetup.pl
@@ -1014,7 +1014,7 @@ if ($my_create_htaccess) {
open HTACCESS, '>', '.htaccess';
print HTACCESS <<'END';
# don't allow people to retrieve non-cgi executable files or our private data
-<FilesMatch ^(.*\.pl|.*localconfig.*)$>
+<FilesMatch ^(.*\.pm|.*\.pl|.*localconfig.*)$>
deny from all
</FilesMatch>
END
@@ -1028,7 +1028,15 @@ END
$oldaccess .= $_;
}
close HTACCESS;
+ my $repaired = 0;
if ($oldaccess =~ s/\|localconfig\|/\|.*localconfig.*\|/) {
+ $repaired = 1;
+ }
+ if ($oldaccess !~ /\(\.\*\\\.pm\|/) {
+ $oldaccess =~ s/\(/(.*\\.pm\|/;
+ $repaired = 1;
+ }
+ if ($repaired) {
print "Repairing .htaccess...\n";
open HTACCESS, '>', '.htaccess';
print HTACCESS $oldaccess;
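Review bot: The added `$oldaccess =~ s/\(/(.*\\.pm\|/;` rewrites the first `(` found anywhere in the existing .htaccess rather than the one that opens the `FilesMatch` pattern, and `$repaired = 1` is set whether or not that substitution matched. On a locally edited file whose first parenthesis sits in a comment or another directive (or that has no parenthesis at all), checksetup would print "Repairing .htaccess..." while `.pm` files stay retrievable, and an unrelated line may be altered. Anchoring the substitution and keying the flag on its result avoids both, e.g. `if ($oldaccess =~ s/(<FilesMatch\s+\^\()/$1.*\\.pm|/) { $repaired = 1; }`, assuming older generated files also open the pattern with `<FilesMatch ^(`. An `else` branch that prints a warning would tell the administrator to add the `.pm` rule by hand. The enclosing `if ($my_create_htaccess)` block starts and ends outside this hunk.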