From c613223747934c62488bb55fb72138bec353ff61 Mon Sep 17 00:00:00 2001
From: bmeeks8 <bmeeks8@bellsouth.net>
Date: Tue, 28 Jan 2014 16:01:01 -0500
Subject: Fix snort_rules_edit.php to address
 http://seclist.org/fulldisclosure/2014/Jan/187

---
 config/snort/snort_rules_edit.php | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'config/snort')

diff --git a/config/snort/snort_rules_edit.php b/config/snort/snort_rules_edit.php
index 28deccd5..61a9574a 100755
--- a/config/snort/snort_rules_edit.php
+++ b/config/snort/snort_rules_edit.php
@@ -115,8 +115,12 @@ elseif (file_exists("{$snortdir}/rules/{$file}"))
 elseif (file_exists("{$snortdir}/preproc_rules/{$file}"))
 	$contents = file_get_contents("{$snortdir}/preproc_rules/{$file}");
 // Is it a fully qualified path and file?
-elseif (file_exists($file))
-	$contents = file_get_contents($file);
+elseif (file_exists($file)) {
+	if (substr(realpath($file), 0, strlen(SNORTLOGDIR)) != SNORTLOGDIR)
+		$contents = gettext("\n\nERROR -- File: {$file} can not be viewed!");
+	else
+		$contents = file_get_contents($file);
+}
 // It is not something we can display, so exit.
 else
 	$input_errors[] = gettext("Unable to open file: {$displayfile}");
-- 
cgit v1.2.3