Attachment #218743 for bug #303795

Lines 100-105 Link Here

(-)suphp-0.7.1.orig/doc/CONFIG (+3 lines)
100	Is disabled by default:	100	Is disabled by default:
101	WARNING: Enabling this option is dangerous!	101	WARNING: Enabling this option is dangerous!
102		102
		103	check_all_parent_directory_ownership:
		104	Disable checking directory ownership beyond the parent of the script.
		105
103	check_vhost_docroot:	106	check_vhost_docroot:
104	Checks wheter the script is within DOCUMENT_ROOT specified by the	107	Checks wheter the script is within DOCUMENT_ROOT specified by the
105	webserver. This option is intended to avoid symbol links outside of the	108	webserver. This option is intended to avoid symbol links outside of the

Lines 548-554 Link Here

(-)suphp-0.7.1.orig/src/Application.cpp (-1 / +3 lines)
548	directory = directory.getParentDirectory();	548	directory = directory.getParentDirectory();
549		549
550	UserInfo directoryOwner = directory.getUser();	550	UserInfo directoryOwner = directory.getUser();
551	if (directoryOwner != owner && !directoryOwner.isSuperUser()) {	551	if (directoryOwner != owner
		552	&& config.getCheckAllParentDirectoryOwnership()
		553	&& !directoryOwner.isSuperUser()) {
552	std::string error = "Directory " + directory.getPath()	554	std::string error = "Directory " + directory.getPath()
553	+ " is not owned by " + owner.getUsername();	555	+ " is not owned by " + owner.getUsername();
554	logger.logWarning(error);	556	logger.logWarning(error);

Lines 92-97 Link Here

(-)suphp-0.7.1.orig/src/Configuration.cpp (+8 lines)
92	this->allow_directory_group_writeable = false;	92	this->allow_directory_group_writeable = false;
93	this->allow_file_others_writeable = false;	93	this->allow_file_others_writeable = false;
94	this->allow_directory_others_writeable = false;	94	this->allow_directory_others_writeable = false;
		95	this->check_all_parent_directory_ownership = true;
95	#ifdef OPT_DISABLE_CHECKPATH	96	#ifdef OPT_DISABLE_CHECKPATH
96	this->check_vhost_docroot = false;	97	this->check_vhost_docroot = false;
97	#else	98	#else
Lines 141-146 Link Here
141	else if (key == "allow_directory_others_writeable")	142	else if (key == "allow_directory_others_writeable")
142	this->allow_directory_others_writeable =	143	this->allow_directory_others_writeable =
143	this->strToBool(value);	144	this->strToBool(value);
		145	else if (key == "check_all_parent_directory_ownership")
		146	this->check_all_parent_directory_ownership =
		147	this->strToBool(value);
144	else if (key == "check_vhost_docroot")	148	else if (key == "check_vhost_docroot")
145	this->check_vhost_docroot = this->strToBool(value);	149	this->check_vhost_docroot = this->strToBool(value);
146	else if (key == "errors_to_browser")	150	else if (key == "errors_to_browser")
Lines 217-222 Link Here
217	return this->allow_directory_others_writeable;	221	return this->allow_directory_others_writeable;
218	}	222	}
219		223
		224	bool suPHP::Configuration::getCheckAllParentDirectoryOwnership() const {
		225	return this->check_all_parent_directory_ownership;
		226	}
		227
220	bool suPHP::Configuration::getErrorsToBrowser() const {	228	bool suPHP::Configuration::getErrorsToBrowser() const {
221	return this->errors_to_browser;	229	return this->errors_to_browser;
222	}	230	}

Lines 49-54 Link Here

(-)suphp-0.7.1.orig/src/Configuration.hpp (+7 lines)
49	bool allow_directory_group_writeable;	49	bool allow_directory_group_writeable;
50	bool allow_file_others_writeable;	50	bool allow_file_others_writeable;
51	bool allow_directory_others_writeable;	51	bool allow_directory_others_writeable;
		52	bool check_all_parent_directory_ownership;
52	bool check_vhost_docroot;	53	bool check_vhost_docroot;
53	bool errors_to_browser;	54	bool errors_to_browser;
54	std::string env_path;	55	std::string env_path;
Lines 132-137 Link Here
132	bool getAllowDirectoryOthersWriteable() const;	133	bool getAllowDirectoryOthersWriteable() const;
133		134
134	/**	135	/**
		136	* Returns whether suPHP should check ownership beyond the
		137	* parent of the script.
		138	*/
		139	bool getCheckAllParentDirectoryOwnership() const;
		140
		141	/**
135	* Returns whether (minor) error message should be sent to browser	142	* Returns whether (minor) error message should be sent to browser
136	*/	143	*/
137	bool getErrorsToBrowser() const;	144	bool getErrorsToBrowser() const;

Return to bug 303795