Fixing executing perl-scripts with apache 2.4 and prevent users to access other users docroot, fixes #532

Signed-off-by: Florian Aders (EleRas) <eleras@froxlor.org>
Florian Aders (EleRas)
2014-01-03 11:12:33 +01:00
parent f252f134b2
commit ba3d342e2b
2 changed files with 5 additions and 5 deletions


@@ -881,7 +881,7 @@ class apache {
&& isset($row_diroptions['options_cgi'])
&& $row_diroptions['options_cgi'] == '1'
) {
$this->diroptions_data[$diroptions_filename] .= ' ExecCGI -MultiViews +SymLinksIfOwnerMatch +FollowSymLinks'."\n";
$this->diroptions_data[$diroptions_filename] .= ' +ExecCGI -MultiViews +SymLinksIfOwnerMatch +FollowSymLinks'."\n";
} else {
$this->diroptions_data[$diroptions_filename] .= "\n";
}
@@ -898,7 +898,7 @@ class apache {
&& isset($row_diroptions['options_cgi'])
&& $row_diroptions['options_cgi'] == '1'
) {
$this->diroptions_data[$diroptions_filename] .= ' ExecCGI -MultiViews +SymLinksIfOwnerMatch +FollowSymLinks'."\n";
$this->diroptions_data[$diroptions_filename] .= ' +ExecCGI -MultiViews +SymLinksIfOwnerMatch +FollowSymLinks'."\n";
} else {
$this->diroptions_data[$diroptions_filename] .= "\n";
}
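Review bot: The rewritten options string still enables `+FollowSymLinks` alongside `+SymLinksIfOwnerMatch`, on the `+ExecCGI` line of both hunks in this file. As far as I know, Apache skips the ownership check once FollowSymLinks is on, so the owner-match restriction is effectively disabled and links that leave the customer's own tree are still followed, which works against the isolation this commit is after. I would emit `' +ExecCGI -MultiViews +SymLinksIfOwnerMatch -FollowSymLinks'."\n"` in both places, with a short comment that SymLinksIfOwnerMatch is subject to a check-then-use race and should not be the only barrier between customers. The enclosing `if` condition begins above each hunk, so what the other option branches emit is not visible here.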


@@ -132,9 +132,9 @@ while ($row = $result_tasks_stmt->fetch(PDO::FETCH_ASSOC)) {
$userhomedir = (substr($userhomedir, 0, -1) == '/') ? substr($userhomedir, 0, -1) : $userhomedir;
$usermaildir = (substr($usermaildir, 0, -1) == '/') ? substr($usermaildir, 0, -1) : $usermaildir;
$cronlog->logAction(CRON_ACTION, LOG_NOTICE, 'Running: chown -R ' . (int)$row['data']['uid'] . ':' . (int)$row['data']['gid'] . ' ' . escapeshellarg($userhomedir));
safe_exec('chown -R ' . (int)$row['data']['uid'] . ':' . (int)$row['data']['gid'] . ' ' . escapeshellarg($userhomedir));
// don't allow others to access the directory (webserver will be in the users' group)
$cronlog->logAction(CRON_ACTION, LOG_NOTICE, 'Running: chown -R ' . (int)$row['data']['uid'] . ':' . Settings::Get('system.httpuser') . ' ' . escapeshellarg($userhomedir));
safe_exec('chown -R ' . (int)$row['data']['uid'] . ':' . Settings::Get('system.httpuser') . ' ' . escapeshellarg($userhomedir));
// don't allow others to access the directory (webserver will be the group)
safe_exec('chmod 0750 ' . escapeshellarg($userhomedir));
$cronlog->logAction(CRON_ACTION, LOG_NOTICE, 'Running: chown -R ' . (int)Settings::Get('system.vmail_uid') . ':' . (int)Settings::Get('system.vmail_gid') . ' ' . escapeshellarg($usermaildir));
safe_exec('chown -R ' . (int)Settings::Get('system.vmail_uid') . ':' . (int)Settings::Get('system.vmail_gid') . ' ' . escapeshellarg($usermaildir));
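Review bot: `Settings::Get('system.httpuser')` is concatenated into the new `chown -R` command with neither a cast nor quoting, although the uid next to it is cast with `(int)` and the path goes through `escapeshellarg()`. A setting value containing whitespace or shell metacharacters would change the command that `safe_exec()` runs as the cron user, so the group argument should be written as `escapeshellarg(Settings::Get('system.httpuser'))` in both the `logAction` line and the `safe_exec` line. The value is also a user name used in the group position, which only resolves where a group of the same name exists. If the panel stores the web server's group separately, that value is the safer choice, and either way the exit status of the `chown` should be checked before the `chmod 0750` is treated as sufficient.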