Opened 7 years ago

Closed 6 years ago

#2802 closed defect (bug) (wontfix)

Ensure wp_handle_upload never leaves uploaded files world-writable

Reported by: Libertus
Owned by: anonymous
Priority: normal
Milestone:
Component: Security
Version: 2.1
Severity: normal
Keywords: inline upload files world writable wp_handle_upload
Cc:

Description

If I have to make my images directory world-writable to enable inline uploading, that doesn't mean I want the image files themselves world-writable. This patch ensures they never are.

Attachments (2)

wp_handle_upload-file-permissions-patch.diff (459 bytes) - added by Libertus 7 years ago.
the patch
wp_handle_upload-file-permissions-patch-2.diff (783 bytes) - added by Libertus 7 years ago.
This patch also corrects a nearby bug - a missing directory name in the error message

Change History (4)

Does this really solve the problem? If the directory is world writable, and you upload file1.ext, I can still delete/replace file1.ext. I can't edit them directly, but I don't really need to. You'd need to sticky-bit the uploads directory as well to solve that on a linux/unix system... why not just chgrp to the web server user and chmod g+w the uploads directory?

  • Resolution set to wontfix
  • Status changed from new to closed

Closing as wontfix, based on last comment.
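
The directory-permission point raised in the comment above, as an added example (not part of the ticket or its attached patches): a POSIX shell audit that reports whether an uploads directory is world-writable without the sticky bit, lists world-writable files under it, and applies the group-based alternative. The function names and the group argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit and tighten an uploads directory.
# All function names here are hypothetical, not WordPress code.

# classify_dir DIR -> prints one of:
#   world-writable-no-sticky  any local user can delete or replace files in DIR
#   world-writable-sticky     only a file's owner (or DIR's owner, or root) can
#   group-writable            writes limited to DIR's owner and group
#   owner-only
classify_dir() {
    dir=$1
    [ -d "$dir" ] || { echo "not-a-directory"; return 2; }
    # "find DIR -prune -perm ..." tests DIR itself without descending into it.
    if [ -n "$(find "$dir" -prune -perm -0002 -print)" ]; then
        if [ -n "$(find "$dir" -prune -perm -1000 -print)" ]; then
            echo "world-writable-sticky"
        else
            echo "world-writable-no-sticky"
        fi
    elif [ -n "$(find "$dir" -prune -perm -0020 -print)" ]; then
        echo "group-writable"
    else
        echo "owner-only"
    fi
}

# world_writable_files DIR -> lists regular files under DIR that have o+w set.
world_writable_files() {
    find "$1" -type f -perm -0002 -print
}

# harden_group DIR GROUP -> the comment's alternative: hand DIR to GROUP
# (assumed to be the web server's group), allow group writes, and drop
# world write on DIR and on every regular file below it.
harden_group() {
    chgrp "$2" "$1" &&
    chmod g+w,o-w "$1" &&
    find "$1" -type f -perm -0002 -exec chmod o-w {} +
}

# Stand-alone use: sh audit.sh /path/to/uploads
if [ "$#" -gt 0 ]; then
    classify_dir "$1"
    world_writable_files "$1"
fi
```

A result of `world-writable-no-sticky` is the case the comment describes: removing write permission from the files alone does not stop another local user from deleting or replacing them.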
