Ticket #2802 (closed defect (bug): wontfix)

Opened 6 years ago

Last modified 5 years ago

Ensure wp_handle_upload never leaves uploaded files world-writable

Reported by: Libertus Owned by: anonymous
Priority: normal Milestone:
Component: Security Version: 2.1
Severity: normal Keywords: inline upload files world writable wp_handle_upload
Cc:

Description

If I have to make my images directory world-writable to enable inline uploading, that doesn't mean I want the image files themselves world-writable. This patch ensures they never are.

Attachments

wp_handle_upload-file-permissions-patch.diff Download (459 bytes) - added by Libertus 6 years ago.
the patch
wp_handle_upload-file-permissions-patch-2.diff Download (783 bytes) - added by Libertus 6 years ago.
This patch also corrects a nearby bug - a missing directory name in the error message

Change History

This patch also corrects a nearby bug - a missing directory name in the error message

Does this really solve the problem? If the directory is world writable, and you upload file1.ext, I can still delete/replace file1.ext. I can't edit them directly, but I don't really need to. You'd need to sticky-bit the uploads directory as well to solve that on a linux/unix system... why not just chgrp to the web server user and chmod g+w the uploads directory?

  • Status changed from new to closed
  • Resolution set to wontfix

Closing as wontfix, based on last comment.
