From 8a48e9ce78169daac2d45ebddbfb5bb496465ed3 Mon Sep 17 00:00:00 2001 From: rugk Date: Tue, 21 Jun 2016 17:18:11 +0200 Subject: [PATCH 1/3] Set permissions when saving files Fixes https://github.com/elrido/ZeroBin/issues/80 --- lib/persistence.php | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/persistence.php b/lib/persistence.php index 3b1f9af..ed82720 100644 --- a/lib/persistence.php +++ b/lib/persistence.php @@ -116,6 +116,7 @@ abstract class persistence self::_initialize(); $file = self::$_path . DIRECTORY_SEPARATOR . $filename; $writtenBytes = @file_put_contents($file, $data, LOCK_EX); + chmod($file, 0640); // protect file access if ($writtenBytes === false || $writtenBytes < strlen($data)) { throw new Exception('unable to write to file ' . $file, 13); } From 54f1cb9d346085176ef39953aa40a2278184e8c1 Mon Sep 17 00:00:00 2001 From: rugk Date: Tue, 21 Jun 2016 21:47:03 +0200 Subject: [PATCH 2/3] Only protect file if it was written --- lib/persistence.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/persistence.php b/lib/persistence.php index ed82720..38b47a7 100644 --- a/lib/persistence.php +++ b/lib/persistence.php @@ -116,10 +116,10 @@ abstract class persistence self::_initialize(); $file = self::$_path . DIRECTORY_SEPARATOR . $filename; $writtenBytes = @file_put_contents($file, $data, LOCK_EX); - chmod($file, 0640); // protect file access if ($writtenBytes === false || $writtenBytes < strlen($data)) { throw new Exception('unable to write to file ' . $file, 13); } + chmod($file, 0640); // protect file access return $file; } } From fd5a7a07aef61007e9f0afa82d4d8f868a986a9a Mon Sep 17 00:00:00 2001 From: rugk Date: Wed, 22 Jun 2016 18:08:25 +0200 Subject: [PATCH 3/3] Soft fail for chmod errors --- lib/persistence.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/persistence.php b/lib/persistence.php index 38b47a7..36b964b 100644 --- a/lib/persistence.php +++ b/lib/persistence.php @@ -119,7 +119,7 @@ abstract class persistence if ($writtenBytes === false || $writtenBytes < strlen($data)) { throw new Exception('unable to write to file ' . $file, 13); } - chmod($file, 0640); // protect file access + @chmod($file, 0640); // protect file access return $file; } }