maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

do not double validate openbasedir-values, as appendOpenbasedirPath() already takes care of that; also fix /dev/urandom as openbasedir-path-value to be treated as file correctly, fixes #1669

Browse Source 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
2016-11-10 10:07:00 +01:00
parent fad607c6e8
commit 7e4164da26
3 changed files with 34 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
lib/classes/phpinterface/class.phpinterface_fcgid.php
View File

@@ -135,15 +135,6 @@ class phpinterface_fcgid {
$openbasedir .= appendOpenBasedirPath($this->getTempDir()); $openbasedir .= appendOpenBasedirPath($this->getTempDir());
$openbasedir .= $_phpappendopenbasedir; $openbasedir .= $_phpappendopenbasedir;
$openbasedir = explode(':', $openbasedir);
$clean_openbasedir = array();
foreach ($openbasedir as $number => $path) {
if (trim($path) != '/') {
$clean_openbasedir[] = makeCorrectDir($path);
}
}
$openbasedir = implode(':', $clean_openbasedir);
} else { } else {
$openbasedir = 'none'; $openbasedir = 'none';
$openbasedirc = ';'; $openbasedirc = ';';

9
lib/classes/phpinterface/class.phpinterface_fpm.php
View File

@@ -267,15 +267,6 @@ class phpinterface_fpm {
$openbasedir .= appendOpenBasedirPath($this->getTempDir()); $openbasedir .= appendOpenBasedirPath($this->getTempDir());
$openbasedir .= $_phpappendopenbasedir; $openbasedir .= $_phpappendopenbasedir;
$openbasedir = explode(':', $openbasedir);
$clean_openbasedir = array();
foreach ($openbasedir as $number => $path) {
if (trim($path) != '/') {
$clean_openbasedir[] = makeCorrectDir($path);
}
}
$openbasedir = implode(':', $clean_openbasedir);
} }
} }
$fpm_config.= 'php_admin_value[session.save_path] = ' . makeCorrectDir(Settings::Get('phpfpm.tmpdir') . '/' . $this->_domain['loginname'] . '/') . "\n"; $fpm_config.= 'php_admin_value[session.save_path] = ' . makeCorrectDir(Settings::Get('phpfpm.tmpdir') . '/' . $this->_domain['loginname'] . '/') . "\n";

11
lib/functions/validate/function.appendOpenbasedirPath.php
View File

@@ -29,15 +29,18 @@
*/ */
function appendOpenBasedirPath($path = '', $first = false) function appendOpenBasedirPath($path = '', $first = false)
{ {
if ($path != '' && $path != '/' if ($path != '' && $path != '/' &&
&& (! preg_match("#^/dev#i", $path) || preg_match("#^/dev/urandom#i", $path)) (! preg_match("#^/dev#i", $path) || preg_match("#^/dev/urandom#i", $path))
&& ! preg_match("#^/proc#i", $path) && ! preg_match("#^/proc#i", $path)
&& ! preg_match("#^/etc#i", $path) && ! preg_match("#^/etc#i", $path)
&& ! preg_match("#^/sys#i", $path) && ! preg_match("#^/sys#i", $path)
&& ! preg_match("#:#", $path) && ! preg_match("#:#", $path)) {
) {
if (preg_match("#^/dev/urandom#i", $path)) {
$path = makeCorrectFile($path);
} else {
$path = makeCorrectDir($path); $path = makeCorrectDir($path);
}
// check for php-version that requires the trailing // check for php-version that requires the trailing
// slash to be removed as it does not allow the usage // slash to be removed as it does not allow the usage