From: Michael Tremer Date: Fri, 21 Apr 2017 15:46:49 +0000 (+0100) Subject: captive-portal: Move CGI files to CGI directory X-Git-Tag: v2.19-core115~60^2~52 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0a02d9bb0c0dd52d2d0f3f45264bdf512eb66380;p=ipfire-2.x.git captive-portal: Move CGI files to CGI directory Previously the assets directory has ExecCGI privileges which is not at all required and potentially dangerous. Signed-off-by: Michael Tremer --- diff --git a/config/httpd/vhosts.d/captive.conf b/config/httpd/vhosts.d/captive.conf index 4f199dfd7a..ddf8a15769 100644 --- a/config/httpd/vhosts.d/captive.conf +++ b/config/httpd/vhosts.d/captive.conf @@ -3,12 +3,6 @@ Listen 1013 DocumentRoot /srv/web/ipfire/html/captive - - Options ExecCGI - Order allow,deny - Allow from all - - ScriptAlias /cgi-bin/ /srv/web/ipfire/cgi-bin/captive/ Alias /assets/ /srv/web/ipfire/html/captive/assets/ @@ -16,11 +10,16 @@ Listen 1013 # All unknown URIs will be redirected to the first # redirector script. - ScriptAliasMatch .* /srv/web/ipfire/html/captive/index.cgi + ScriptAliasMatch .* /srv/web/ipfire/cgi-bin/captive/redirect.cgi Options ExecCGI Order allow,deny Allow from all + + + Order allow,deny + Allow from all + diff --git a/config/rootfiles/common/web-user-interface b/config/rootfiles/common/web-user-interface index 1c5e4ce208..dbf5a869f2 100644 --- a/config/rootfiles/common/web-user-interface +++ b/config/rootfiles/common/web-user-interface @@ -11,6 +11,7 @@ srv/web/ipfire/cgi-bin/bluetooth.cgi #srv/web/ipfire/cgi-bin/captive srv/web/ipfire/cgi-bin/captive.cgi srv/web/ipfire/cgi-bin/captive/index.cgi +srv/web/ipfire/cgi-bin/captive/redirect.cgi srv/web/ipfire/cgi-bin/chpasswd.cgi srv/web/ipfire/cgi-bin/connections.cgi srv/web/ipfire/cgi-bin/connscheduler.cgi @@ -95,7 +96,6 @@ srv/web/ipfire/html/blob.gif srv/web/ipfire/html/captive/assets/captive.css srv/web/ipfire/html/captive/assets/favicon.ico srv/web/ipfire/html/captive/assets/internet.png -srv/web/ipfire/html/captive/index.cgi srv/web/ipfire/html/clwarn.cgi srv/web/ipfire/html/dial.cgi srv/web/ipfire/html/favicon.ico diff --git a/html/html/captive/index.cgi b/html/cgi-bin/captive/redirect.cgi similarity index 100% rename from html/html/captive/index.cgi rename to html/cgi-bin/captive/redirect.cgi diff --git a/lfs/web-user-interface b/lfs/web-user-interface index 345d215cdb..a8e3e39607 100644 --- a/lfs/web-user-interface +++ b/lfs/web-user-interface @@ -64,7 +64,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) chown -R root:root /srv/web/ipfire chmod -R 755 /srv/web/ipfire/cgi-bin chmod -R 644 /srv/web/ipfire/html - chmod 755 /srv/web/ipfire/html /srv/web/ipfire/html/{index.cgi,redirect.cgi,dial.cgi,images,include,themes,themes/*,themes/*/*,captive/index.cgi} + chmod 755 /srv/web/ipfire/html /srv/web/ipfire/html/{index.cgi,redirect.cgi,dial.cgi,images,include,themes,themes/*,themes/*/*} chmod -R 777 /srv/web/ipfire/html/captive/logo ln -svf ipfire /srv/web/ipfire/html/themes/ipfire-rounded