Bug 186383 Checksetup leaves editor backups of localconfig accessible (revised)

diff --git a/checksetup.pl b/checksetup.pl
index 64a275d8bb9ee9c974038da1668a3a0864ad80af..b5b414859fe57b6c1c467b5cff1747ddf20b4e08 100755 (executable)
--- a/checksetup.pl
+++ b/checksetup.pl
@@ -569,12 +569,35 @@ if ($my_create_htaccess) {
     open HTACCESS, ">.htaccess";
     print HTACCESS <<'END';
 # don't allow people to retrieve non-cgi executable files or our private data
-<FilesMatch ^(.*\.pl|localconfig|processmail|syncshadowdb)$>
+<FilesMatch ^(.*\.pl|.*localconfig.*|processmail|syncshadowdb)$>
   deny from all
 </FilesMatch>
+<FilesMatch ^(localconfig.js|localconfig.rdf)$>
+  allow from all
+</FilesMatch>
 END
     close HTACCESS;
     chmod $fileperm, ".htaccess";
+  } else {
+    # 2002-12-21 Bug 186383
+    open HTACCESS, ".htaccess";
+    my $oldaccess = "";
+    while (<HTACCESS>) {
+      $oldaccess .= $_;
+    }
+    close HTACCESS;
+    if ($oldaccess =~ s/\|localconfig\|/\|.*localconfig.*\|/) {
+      print "Repairing .htaccess...\n";
+      open HTACCESS, ">.htaccess";
+      print HTACCESS $oldaccess;
+      print HTACCESS <<'END';
+<FilesMatch ^(localconfig.js|localconfig.rdf)$>
+  allow from all
+</FilesMatch>
+END
+      close HTACCESS;
+    }
+
   }
   if (!-e "data/.htaccess") {
     print "Creating data/.htaccess...\n";