diff options
author | jim-p <jimp@pfsense.org> | 2015-09-29 14:55:42 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2015-09-29 14:55:42 -0400 |
commit | 8bbc2ef15138d2493cce5a39a4ba281e07a7c42a (patch) | |
tree | 2ef590cba45bc2462851028b79c823bc97ab5322 /config | |
parent | 87a47d47d716dc713f1e99e6e6812db91b1a182e (diff) | |
download | pfsense-packages-8bbc2ef15138d2493cce5a39a4ba281e07a7c42a.tar.gz pfsense-packages-8bbc2ef15138d2493cce5a39a4ba281e07a7c42a.tar.bz2 pfsense-packages-8bbc2ef15138d2493cce5a39a4ba281e07a7c42a.zip |
Add safety belts to squid3 chown function to stop it from breaking the entire filesystem.
Diffstat (limited to 'config')
-rwxr-xr-x | config/squid3/34/squid.inc | 7 | ||||
-rw-r--r-- | config/squid3/34/squid.xml | 2 |
2 files changed, 5 insertions, 4 deletions
diff --git a/config/squid3/34/squid.inc b/config/squid3/34/squid.inc index e906a1bb..a7cb0490 100755 --- a/config/squid3/34/squid.inc +++ b/config/squid3/34/squid.inc @@ -84,7 +84,8 @@ function squid_get_real_interface_address($iface) { } function squid_chown_recursive($dir, $user, $group) { - if ($dir == '/usr/local') { + if (empty($dir) || ($dir == '/') || ($dir == '/usr/local') || !is_dir($dir)) { + log_error(gettext("Squid attempted to chown an invalid directory: {$dir}")); return; } @@ -92,8 +93,8 @@ function squid_chown_recursive($dir, $user, $group) { chgrp($dir, $group); $handle = opendir($dir) ; while (($item = readdir($handle)) !== false) { - if (($item != ".") && ($item != "..")) { - $path = "$dir/$item"; + if (!empty($item) && ($item != ".") && ($item != "..")) { + $path = "{$dir}/{$item}"; // Recurse unless it's the cache dir, that is slow and rarely necessary. if (is_dir($path) && (basename($dir) != "cache")) { squid_chown_recursive($path, $user, $group); diff --git a/config/squid3/34/squid.xml b/config/squid3/34/squid.xml index ded59d42..ec9855e8 100644 --- a/config/squid3/34/squid.xml +++ b/config/squid3/34/squid.xml @@ -42,7 +42,7 @@ ]]> </copyright> <name>squid</name> - <version>0.3.5</version> + <version>0.3.5.1</version> <title>Proxy Server: General Settings</title> <include_file>/usr/local/pkg/squid.inc</include_file> <menu> |