summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGerhard Killesreiter2006-05-25 01:34:05 +0000
committerGerhard Killesreiter2006-05-25 01:34:05 +0000
commit546635ea0a93088bff3a6e457c2ec5c791f2dc65 (patch)
treea214e7a55392687371a72ffe871d02f47b2d390a
parent3186c6aad0b14f59e17e50afe6aeb8e3db1dd56f (diff)
prevent execution of scripts from files directory4.6.7
-rw-r--r--INSTALL.txt7
-rw-r--r--includes/file.inc11
2 files changed, 18 insertions, 0 deletions
diff --git a/INSTALL.txt b/INSTALL.txt
index d221d09..290e9a8 100644
--- a/INSTALL.txt
+++ b/INSTALL.txt
@@ -189,6 +189,13 @@ INSTALLATION
by the Drupal server process. You can change the name of this
subdirectory at "Administer > Settings > File system settings".
+ SECURITY NOTICE: Certain Apache configurations can be vulnerable
+ to a security exploit allowing arbitrary code execution. Drupal
+ will attempt to automatically create a .htaccess file in your
+ "files" directory to protect you. If you already have a .htaccess
+ file in that location, please add the following line:
+ SetHandler This_is_a_Drupal_security_line_do_not_remove
+
You can now launch your browser and point it to your Drupal site.
Create an account and login. The first account will automatically
diff --git a/includes/file.inc b/includes/file.inc
index 3b1b7f1..e14f390 100644
--- a/includes/file.inc
+++ b/includes/file.inc
@@ -105,6 +105,17 @@ function file_check_directory(&$directory, $mode = 0, $form_item = NULL) {
}
}
+ if ((variable_get('file_directory_temp', FILE_DIRECTORY_TEMP) == $directory || variable_get('file_directory_path', 'files') == $directory) && !is_file("$directory/.htaccess")) {
+ if (($fp = fopen("$directory/.htaccess", 'w')) && fputs($fp, 'SetHandler This_is_a_Drupal_security_line_do_not_remove')) {
+ fclose($fp);
+ }
+ else {
+ $message = t("Security warning: Couldn't write .htaccess. Please create a .htaccess file in your %directory directory which contains the following line: <code>SetHandler This_is_a_Drupal_security_line_do_not_remove</code>", array('%directory' => $directory));
+ form_set_error($form_item, $message);
+ watchdog('file system', $message, WATCHDOG_ERROR);
+ }
+ }
+
return true;
}