From: Max Kanat-Alexander
Date: Thu, 24 Jun 2010 17:00:13 +0000 (-0700)
Subject: Bug 561797: (CVE-2010-0180) [SECURITY] checksetup.pl with $use_suexec=1 sets
X-Git-Tag: bugzilla-3.6.1~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cb90607bb5730413f6f54e5f2394ba11853864d6;p=thirdparty%2Fbugzilla.git

Bug 561797: (CVE-2010-0180) [SECURITY] checksetup.pl with $use_suexec=1 sets localconfig as world readable r=timello, a=mkanat
---

diff --git a/Bugzilla/Install/Filesystem.pm b/Bugzilla/Install/Filesystem.pm
index 4dc8a484d2..789f193e56 100644
--- a/Bugzilla/Install/Filesystem.pm
+++ b/Bugzilla/Install/Filesystem.pm
@@ -75,6 +75,13 @@ sub FILESYSTEM {
     my $skinsdir = bz_locations()->{'skinsdir'};
     my $localconfig = bz_locations()->{'localconfig'};
 
+    # We want to set the permissions the same for all localconfig files
+    # across all PROJECTs, so we do something special with $localconfig,
+    # lower down in the permissions section.
+    if ($ENV{PROJECT}) {
+        $localconfig =~ s/\.\Q$ENV{PROJECT}\E$//;
+    }
+
     my $ws_group = Bugzilla->localconfig->{'webservergroup'};
     my $use_suexec = Bugzilla->localconfig->{'use_suexec'};
 
@@ -92,6 +99,9 @@ sub FILESYSTEM {
     # Writeable by the web server.
     my $ws_writeable = $ws_group ? 0660 : 0666;
 
+    # Script-readable files that should not be world-readable under suexec.
+    my $script_readable = $use_suexec ? 0640 : $ws_readable;
+
     # DIRECTORIES
     # Readable by the web server.
     my $ws_dir_readable = ($ws_group && !$use_suexec) ? 0750 : 0755;
@@ -129,6 +139,10 @@ sub FILESYSTEM {
         'migrate.pl'        => { perms => $owner_executable },
         'install-module.pl' => { perms => $owner_executable },
 
+        # Set the permissions for localconfig the same across all
+        # PROJECTs.
+        $localconfig        => { perms => $script_readable },
+        "$localconfig.*"    => { perms => $script_readable },
         "$localconfig.old"  => { perms => $owner_readable },
 
         'contrib/README'    => { perms => $owner_readable },
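Review bot: The substitution `s/\.\Q$ENV{PROJECT}\E$//` in the first hunk anchors with `$`, which also matches before a trailing newline; since the intent is to strip a suffix from the end of a path, `\z` is the precise anchor: `$localconfig =~ s/\.\Q$ENV{PROJECT}\E\z//;`. The code also presumably relies on bz_locations() having already returned the suffixed name whenever PROJECT is set; if it ever does not, the substitution silently leaves `$localconfig` unchanged and the explicit permissions entry added later then names the wrong file. A one-line comment stating that contract, e.g. `# bz_locations() is expected to return "localconfig.$ENV{PROJECT}" here`, would make the assumption visible to the next maintainer. FILESYSTEM's body begins and ends outside this hunk.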
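Review bot: The new `$script_readable` mode 0640 still grants group read on localconfig, while the comment above it only says the file "should not be world-readable under suexec" and does not say which group is expected to hold that group bit; under suexec the CGI scripts presumably run as the file owner, so it is not obvious from the hunk why the group needs read access at all. If group read is intentional (for the webservergroup case), the comment should say so, e.g. `# 0640: group read is for webservergroup; under suexec the scripts run as the owner`; if it is not, 0600 would be the tighter choice. When $use_suexec is false the mode falls back to $ws_readable, which is defined outside this hunk, so the non-suexec behaviour is unchanged by the patch.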
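Review bot: The glob entry `"$localconfig.*"` added in the last hunk also matches `"$localconfig.old"`, which is mapped to `$owner_readable` on the very next line, so the mode localconfig.old ends up with depends on whether the consumer of this table lets an explicit key win over a glob; that logic is outside the hunk, and hash key order alone will not settle it. If explicit entries take precedence, a comment saying so would remove the apparent conflict, e.g. `# "$localconfig.*" also matches localconfig.old; the explicit entry below wins`; if they do not, the .old file needs to be excluded from the glob. With the PROJECT suffix stripped from $localconfig in the first hunk, this glob is also what now covers every per-PROJECT localconfig file, which appears to be the point of the fix. FILESYSTEM's body continues past this hunk.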