diff options
| author | Reed Loden <reed@reedloden.com> | 2010-02-01 22:27:08 +0100 |
|---|---|---|
| committer | Max Kanat-Alexander <mkanat@bugzilla.org> | 2010-02-01 22:27:08 +0100 |
| commit | 9a80c1fffa48ef6d9301ba64a9bd02b4d5448dc2 (patch) | |
| tree | 17ce8bffc3fe6534ba4a38aa4c186ff0349f7dc5 /Bugzilla/Install | |
| parent | 532196b8689286cf4e65b58c98afa95ca910d7ac (diff) | |
| download | bugzilla-9a80c1fffa48ef6d9301ba64a9bd02b4d5448dc2.tar.gz bugzilla-9a80c1fffa48ef6d9301ba64a9bd02b4d5448dc2.tar.xz | |
Bug 434801: [SECURITY] .htaccess doesn't prevent reading old-params.txt from the web
Patch by Reed Loden <reed@reedloden.com> r=mkanat a=LpSolit
Diffstat (limited to 'Bugzilla/Install')
| -rw-r--r-- | Bugzilla/Install/Filesystem.pm | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/Bugzilla/Install/Filesystem.pm b/Bugzilla/Install/Filesystem.pm index 99f71d989..44c34718e 100644 --- a/Bugzilla/Install/Filesystem.pm +++ b/Bugzilla/Install/Filesystem.pm @@ -139,6 +139,7 @@ sub FILESYSTEM { 'docs/*/README.docs' => { perms => $owner_readable }, "$datadir/bugzilla-update.xml" => { perms => $ws_writeable }, "$datadir/params" => { perms => $ws_writeable }, + "$datadir/old-params.txt" => { perms => $owner_readable }, "$extensionsdir/create.pl" => { perms => $owner_executable }, ); @@ -369,6 +370,12 @@ sub update_filesystem { _rename_file($testfile, "$testfile.old"); } + # If old-params.txt exists in the root directory, move it to datadir. + my $oldparamsfile = "old_params.txt"; + if (-e $oldparamsfile) { + _rename_file($oldparamsfile, "$datadir/$oldparamsfile"); + } + _create_files(%files); if ($params->{index_html}) { _create_files(%{$fs->{index_html}}); |