Uploaded image for project: 'Blesta Core'
  1. Blesta Core
  2. CORE-4018

System Status: File permission check will fail on parent directory .. if it is not owned by the same user

        Details

          Description

          The system status widget in controllers/admin_main.php line 216 calls PHP function scandir(), which returns as part of the list the current working directory ".", and the parent directory, "..". The parent directory ".." may not be owned by the same user, and it doesn't need to be. The parent directory should be ignored. Do not evaluate ownership of "..".

          For example:

          1. ls -la /home/user/logs_blesta/
            drwxrwxrwx 2 www-data www-data 4096 Nov 11 18:50 .
            drwxr-xr-x 6 root root 4096 Nov 11 18:39 ..
            rw-rw-r- 1 www-data www-data 10197 Nov 11 19:20 general-alert-2020-11-11.log
            rw-rr- 1 www-data www-data 251 Sep 29 23:58 general-error-2020-09-29.log

            Activity

              People

              • Assignee:
                jonathan Jonathan Reissmueller
                Reporter:
                admin Paul Phillips
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  19/Nov/20

                  Agile