Commit b2c4e7db authored by sikeda's avatar sikeda
Browse files

[bug] sympa.conf should be writable by sympa user and should not be...

[bug] sympa.conf should be writable by sympa user and should not be world-readable.  Because it may be edited via web interface, and it contains secure "cookie" parameter.  This file generated by initial "make install" was owned by installing user (root) and was world readable.  Fixed by make sympa_wizard.pl to set appropriate umask and makefile to set owner.


git-svn-id: https://subversion.renater.fr/sympa/branches/sympa-6.2-branch@12149 05aa8bb8-cd2b-0410-b1d7-8918dfa770ce
parent 7ec43797
......@@ -118,6 +118,8 @@ installconfig: installdir sympa_wizard.pl.inst
--create sympa.conf \
--target $(DESTDIR)$(confdir)/sympa.conf \
|| /bin/true; \
chown $(USER) $(DESTDIR)$(confdir)/sympa.conf || /bin/true; \
chgrp $(GROUP) $(DESTDIR)$(confdir)/sympa.conf || /bin/true; \
fi; \
if [ ! -f $(DESTDIR)$(sysconfdir)/data_structure.version ]; then \
cd $(DESTDIR)$(sysconfdir); \
......
......@@ -131,9 +131,12 @@ sub create_configuration {
exit 1;
}
my $umask = umask 037;
unless (open NEWF, '>', $conf) {
umask $umask;
die "Unable to open $conf: $ERRNO";
}
umask $umask;
if ($options{create} eq 'sympa.conf') {
# print NEWF <<EOF
......@@ -222,8 +225,7 @@ sub edit_configuration {
exit 1;
}
my $new_sympa_conf = '/tmp/sympa.conf';
my $somechange = 0;
my $somechange = 0;
my @new_sympa_conf;
my $title = undef;
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment