aboutsummaryrefslogtreecommitdiffstats
path: root/config/snort
diff options
context:
space:
mode:
Diffstat (limited to 'config/snort')
-rw-r--r--config/snort/snort_log_view.php5
1 files changed, 4 insertions, 1 deletions
diff --git a/config/snort/snort_log_view.php b/config/snort/snort_log_view.php
index 4fc8d990..babae205 100644
--- a/config/snort/snort_log_view.php
+++ b/config/snort/snort_log_view.php
@@ -42,7 +42,10 @@ $contents = '';
// Read the contents of the argument passed to us.
// Is it a fully qualified path and file?
if (file_exists($_GET['logfile']))
- $contents = file_get_contents($_GET['logfile']);
+ if (substr(realpath($_GET['logfile']), 0, strlen(SNORTLOGDIR)) != SNORTLOGDIR)
+ $contents = gettext("\n\nERROR -- File: {$_GET['logfile']} can not be viewed!");
+ else
+ $contents = file_get_contents($_GET['logfile']);
// It is not something we can display, so print an error.
else
$contents = gettext("\n\nERROR -- File: {$_GET['logfile']} not found!");