- Issue created by @C-Logemann
- Issue was unassigned.
- Status changed to Needs work
10 days ago 6:58pm 15 June 2024 - π©πͺGermany C-Logemann Frankfurt/M, Germany
I commit a first code which makes the test "real" with
chmod($directory, 0755);
.
But depending on the webserver this can cause problems related to group and others permissions. Maybe we can read the permissions first and just change the user permission. And like good hackers we could clean up by ourself with resetting the permissions as before. - Status changed to Needs review
10 days ago 7:26pm 15 June 2024 - π©πͺGermany C-Logemann Frankfurt/M, Germany
I added a file perm read and chmod reset to the code.
- Merge request !69Resolve #3454866 "File check is problematic green" β (Open) created by C-Logemann
- π©πͺGermany C-Logemann Frankfurt/M, Germany
On my test system (D 10.2, nginx, fpm) I changed the file ownership to secured user and the chmod part was just ignored.
- Status changed to Needs work
10 days ago 7:32pm 15 June 2024 - πΊπΈUnited States smustgrave
So this module is lacking tests but this seems like a change we should have coverage for as this is one of the more important checks
- π©πͺGermany C-Logemann Frankfurt/M, Germany
Just found my old issue about this: β¨ "Safe file system permissions" should test the ownership of files and directories Closed: outdated
- π©πͺGermany C-Logemann Frankfurt/M, Germany
@smustgrave OK, we need a test which creates an unsave situation to check if the file permission tests is still working correctly? Or is it only to make sure the test will not cause problems?
On my old concept I was only thinking about checking if webserver is the owner of the code. This can also be a good test additionally to the already working search on writeable folder. But this should be handle in different issues.