aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xconfig/snort/snort_rules_edit.php8
1 files changed, 6 insertions, 2 deletions
diff --git a/config/snort/snort_rules_edit.php b/config/snort/snort_rules_edit.php
index 28deccd5..61a9574a 100755
--- a/config/snort/snort_rules_edit.php
+++ b/config/snort/snort_rules_edit.php
@@ -115,8 +115,12 @@ elseif (file_exists("{$snortdir}/rules/{$file}"))
elseif (file_exists("{$snortdir}/preproc_rules/{$file}"))
$contents = file_get_contents("{$snortdir}/preproc_rules/{$file}");
// Is it a fully qualified path and file?
-elseif (file_exists($file))
- $contents = file_get_contents($file);
+elseif (file_exists($file)) {
+ if (substr(realpath($file), 0, strlen(SNORTLOGDIR)) != SNORTLOGDIR)
+ $contents = gettext("\n\nERROR -- File: {$file} can not be viewed!");
+ else
+ $contents = file_get_contents($file);
+}
// It is not something we can display, so exit.
else
$input_errors[] = gettext("Unable to open file: {$displayfile}");