Always read files with limited permissions

Jamie Cameron
2019-10-05 23:00:35 -07:00
parent 8faabd6d22
commit 79433069fe


@@ -117,13 +117,13 @@ else {
}
if (defined($value) && $old) {
# Update existing value
$lref = &read_file_lines($old->{'file'});
$lref = &read_file_lines_as_user($old->{'file'});
$lref->[$old->{'line'}] = $newline;
$old->{'value'} = $value;
}
elsif (defined($value) && !$old && $cmt) {
# Update existing commented value
$lref = &read_file_lines($cmt->{'file'});
$lref = &read_file_lines_as_user($cmt->{'file'});
$lref->[$cmt->{'line'}] = $newline;
$cmt->{'value'} = $value;
$cmt->{'enabled'} = 1;
@@ -143,13 +143,13 @@ elsif (defined($value) && !$old && !$cmt) {
"section $newsection");
$lastfile = $last->{'file'};
$lastline = $last->{'line'};
$lref = &read_file_lines($lastfile);
$lref = &read_file_lines_as_user($lastfile);
}
else {
# Just add at the end
$lastfile = @$conf ? $conf->[0]->{'file'} : undef;
$lastfile || &error("Don't know which file to add to");
$lref = &read_file_lines($lastfile);
$lref = &read_file_lines_as_user($lastfile);
$lastline = scalar(@$lref);
}
@@ -166,14 +166,14 @@ elsif (defined($value) && !$old && !$cmt) {
}
elsif (!defined($value) && $old && $cmt) {
# Totally remove a value
$lref = &read_file_lines($old->{'file'});
$lref = &read_file_lines_as_user($old->{'file'});
splice(@$lref, $old->{'line'}, 1);
@$conf = grep { $_ ne $old } @$conf;
&renumber($conf, $old->{'line'}, -1);
}
elsif (!defined($value) && $old && !$cmt) {
# Turn a value into a comment
$lref = &read_file_lines($old->{'file'});
$lref = &read_file_lines_as_user($old->{'file'});
$old->{'enabled'} = 0;
$lref->[$old->{'line'}] = "; ".$lref->[$old->{'line'}];
}
@@ -329,6 +329,19 @@ else {
}
}
# read_file_lines_as_user(file, ...)
sub read_file_lines_as_user
{
local @args = @_;
if ($access{'user'} && $access{'user'} ne 'root' && $< == 0) {
return &eval_as_unix_user(
$access{'user'}, sub { &read_file_lines(@args) });
}
else {
return &read_file_lines(@args);
}
}
# flush_file_lines_as_user(file)
# Writes out a file as the Unix user configured in this module's ACL
sub flush_file_lines_as_user