VladPolskiy/webmin
1
0
Fork 0
mirror of https://github.com/webmin/webmin.git synced 2025-07-23 00:30:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

Don't allow deletion of access root directories

Browse Source
This commit is contained in:
Jamie Cameron
2007-10-12 00:38:21 +00:00
parent 415df5525a
commit 1a7c0c4dc1
2 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
file/delete.cgi
View File

@ -11,6 +11,10 @@ if ($access{'ro'} || !&can_access($in{'file'})) {
print &text('delete_eaccess', $in{'file'}),"\n";
exit;
}
if (&indexof($in{'file'}, @allowed_roots) >= 0) {
print &text('delete_eroot', $in{'file'}),"\n";
exit;
}
if (-r &unmake_chroot($in{'file'}) && !-d &unmake_chroot($in{'file'})) {
&switch_acl_uid_and_chroot();
$rv = unlink($in{'file'});

1
file/lang/en
View File

@ -219,6 +219,7 @@ copy_eto=You are not allowed to copy to '$1'
copy_elink=symlink failed : $1
delete_eaccess=You are not allowed to delete '$1'
delete_eroot=The directory '$1' is one of those that you are limited to, and so cannot be deleted
list_eaccess=You are not allowed to access this directory
list_edir=Failed to list $1 : $2