Commit 22b653d0 authored by Robert Ricci's avatar Robert Ricci

chmod the php temp file so that the webcopy script, which runs as the

user, can read it.

At Leigh's suggestion, wrap the filenames in escapeshellarg() to make
the call to SUEXEC safer.
parent 748ed13a
No preview for this file type
......@@ -1215,10 +1215,13 @@ if (isset($_FILES['upload_file']) &&
# Taint check shell arguments always!
$errors["Image File"] = "Invalid characters";
} else {
# So that the webcopy, running as the user, can read the file
chmod($tmpfile,0644);
# Note - the script we call takes care of making sure that the local
# filename is in /proj or /groups
$retval = SUEXEC($uid, "$pid,$unix_gid", "webcopy $tmpfile $localfile",
SUEXEC_ACTION_DUPDIE);
$retval = SUEXEC($uid, "$pid,$unix_gid",
"webcopy " . escapeshellarg($tmpfile) . " " . escapeshellarg($localfile),
SUEXEC_ACTION_DUPDIE);
}
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment