[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Phpgroupware-tracker] [bugs #8359] minor security problem in class.vfs_
From: |
Caeies |
Subject: |
[Phpgroupware-tracker] [bugs #8359] minor security problem in class.vfs_dav.inc.php |
Date: |
Mon, 29 Mar 2004 11:16:27 -0500 |
User-agent: |
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5) Gecko/20040130 Firebird/0.7 |
This mail is an automated notification from the bugs tracker
of the project: phpGroupWare.
/**************************************************************************/
[bugs #8359] Full Item Snapshot:
URL: <http://savannah.gnu.org/bugs/?func=detailitem&item_id=8359>
Project: phpGroupWare
Submitted by: Caeies
On: Mon 03/29/04 at 16:16
Category: API - phpGWapi
Item Group: 0.9.16.000 release
Severity: 5 - Average
Priority: 9 - Immediate
Resolution: None
Assigned to: None
Status: Open
Component Version: CVS
Platform Version: GNU/Linux - Debian
Reproducibility: Every Time
Summary: minor security problem in class.vfs_dav.inc.php
Original Submission: Heya,
When creating the home user directory (from filemanager), using webdav
repository, the system failed silently to create a .htaccess when required (in
subfolders of the home directory, using the deny in the setup configuration).
The bug is at line 2122 change from this :
if (!$conf->config_data['acl_default'] == 'grant')
to this :
if ($conf->config_data['acl_default'] != 'grant')
And please ever use ( ) when using ! in front of the things.
There is a couple of this in this file and we are not sure if they are right or
not. Need some deeper review.
Thanks for killing it quickly :)
Caeies, bug hunter.
For detailed info, follow this link:
<http://savannah.gnu.org/bugs/?func=detailitem&item_id=8359>
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/
- [Phpgroupware-tracker] [bugs #8359] minor security problem in class.vfs_dav.inc.php,
Caeies <=