Closed
Bug 285137
Opened 19 years ago
Closed 18 years ago
checksetup.pl should fixPerms the Bugzilla directory
Categories
(Bugzilla :: Installation & Upgrading, defect, P3)
Tracking
()
RESOLVED
FIXED
Bugzilla 3.0
People
(Reporter: Wurblzap, Assigned: mkanat)
References
Details
(Whiteboard: [fixed by blocker])
Attachments
(1 file)
976 bytes,
patch
|
Wurblzap
:
review-
|
Details | Diff | Splinter Review |
I'm talking about the directory Bugzilla is installed in, not the Bugzilla subdirectory of it. I think checksetup.pl should give the right permissions to the Bugzilla directory so that it is neither too open (rwxrwxrwx -- giving full access to local users) nor too protected (rwx------ -- possibly giving no access to the web server).
Reporter | ||
Updated•19 years ago
|
Flags: blocking2.20?
Comment 1•19 years ago
|
||
This makes sense. It's a FAQ, even. :)
Flags: blocking2.20? → blocking2.20+
Target Milestone: --- → Bugzilla 2.20
Assignee | ||
Comment 2•19 years ago
|
||
Yeah, that does make sense. There's a larger chance that that will fail to actually work (because the /var/html/www directory perms might not let me change the Bugzilla directory perms), but it's still a good thing to attempt to do. I'd guess that the perms should be... 750? Or if we don't have a good webservergroup, then 755.
Assignee: zach → nobody
Comment 3•19 years ago
|
||
"If it's not a regression from 2.18 and it's not a critical problem with something that's already landed, let's push it off." - Dave
Flags: blocking2.20+
Updated•19 years ago
|
Whiteboard: [wanted for 2.20]
Updated•19 years ago
|
Flags: blocking2.20-
Reporter | ||
Comment 4•19 years ago
|
||
This has Myk's [wanted for 2.20] stamp on it -- requesting blocking2.22.
Flags: blocking2.22?
Comment 5•19 years ago
|
||
I'll take this for both 2.20 and 2.22 if someone does it (before we branch for 2.22), but I won't hold the release for it.
Flags: blocking2.22? → blocking2.22-
Whiteboard: [wanted for 2.20]
Comment 6•19 years ago
|
||
Call fixPerms on "." during the rest of the permissions checking.
Updated•19 years ago
|
Attachment #203892 -
Flags: review?(mkanat)
Comment 7•19 years ago
|
||
Comment on attachment 203892 [details] [diff] [review] Fix permissions on "." >+ fixPerms('.', $<, $webservergid, 027, 1); If we pass '.' to fixPerms(), then the perms for .htaccess will be automatically set, right? Then we could remove the line fixing .htaccess separately.
Assignee | ||
Comment 8•19 years ago
|
||
(In reply to comment #7) > If we pass '.' to fixPerms(), then the perms for .htaccess will be > automatically set, right? No, I don't think so... why would that happen?
Reporter | ||
Comment 9•19 years ago
|
||
Comment on attachment 203892 [details] [diff] [review] Fix permissions on "." You're handing 1 as do_dirs parameter to fixPerms, which makes it steamroll over all permissions that have been finely tuned in the preceding lines. Don't do that :) I think that the do_dir parameter should be 0. (Comment 7 doesn't apply anymore then, so the .htaccess fixPerms call needs to stay.)
Attachment #203892 -
Flags: review?(mkanat) → review-
Reporter | ||
Comment 10•19 years ago
|
||
Mike, are you willing to take another stab at this?
Comment 11•19 years ago
|
||
Unfortunately not in the short term, sorry.
Assignee | ||
Updated•18 years ago
|
Priority: -- → P3
Comment 12•18 years ago
|
||
Only security and dataloss fixes will be accepted on the 2.20 branch.
Assignee: nobody → installation
Target Milestone: Bugzilla 2.20 → Bugzilla 2.22
Assignee | ||
Comment 13•18 years ago
|
||
It's really easy to fix this while I'm writing bug 346552, so I'm doing it there, for the tip.
Depends on: 346552
Whiteboard: [blocker will fix on tip]
Assignee | ||
Updated•18 years ago
|
Whiteboard: [blocker will fix on tip] → [blocker fixed it on tip]
Reporter | ||
Comment 14•18 years ago
|
||
I for one wouldn't mind setting this bug's target milestone to 2.24 and marking it FIXED.
Assignee | ||
Comment 15•18 years ago
|
||
Okay, sounds good to me. :-) Fixed by blocker.
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
Whiteboard: [blocker fixed it on tip] → [fixed by blocker]
Target Milestone: Bugzilla 2.22 → Bugzilla 3.0
Reporter | ||
Updated•18 years ago
|
Assignee: installation → mkanat
You need to log in
before you can comment on or make changes to this bug.
Description
•