Skip to content

bugzilla
bugzilla
Commit 545a57e3 authored by lpsolit%gmail.com's avatar lpsolit%gmail.com
Browse files
Options

Bug 319241: Bugzilla.pm is freely accessible from the web - Patch by Frédéric…

Bug 319241: Bugzilla.pm is freely accessible from the web - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=myk
parent c7bb724e
Hide whitespace changes
Inline Side-by-side
Showing with 9 additions and 1 deletion
checksetup.pl
View file @ 545a57e3
...@@ -1014,7 +1014,7 @@ if ($my_create_htaccess) { ...@@ -1014,7 +1014,7 @@ if ($my_create_htaccess) {
open HTACCESS, '>', '.htaccess'; open HTACCESS, '>', '.htaccess';
print HTACCESS <<'END'; print HTACCESS <<'END';
# don't allow people to retrieve non-cgi executable files or our private data # don't allow people to retrieve non-cgi executable files or our private data
<FilesMatch ^(.*\.pl|.*localconfig.*)$> <FilesMatch ^(.*\.pm|.*\.pl|.*localconfig.*)$>
deny from all deny from all
</FilesMatch> </FilesMatch>
END END
...@@ -1028,7 +1028,15 @@ END ...@@ -1028,7 +1028,15 @@ END
$oldaccess .= $_; $oldaccess .= $_;
} }
close HTACCESS; close HTACCESS;
my $repaired = 0;
if ($oldaccess =~ s/\|localconfig\|/\|.*localconfig.*\|/) { if ($oldaccess =~ s/\|localconfig\|/\|.*localconfig.*\|/) {
$repaired = 1;
}
if ($oldaccess !~ /\(\.\*\\\.pm\|/) {
$oldaccess =~ s/\(/(.*\\.pm\|/;
$repaired = 1;
}
if ($repaired) {
print "Repairing .htaccess...\n"; print "Repairing .htaccess...\n";
open HTACCESS, '>', '.htaccess'; open HTACCESS, '>', '.htaccess';
print HTACCESS $oldaccess; print HTACCESS $oldaccess;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment