Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CRM-21565: Change mkdir to use correct and more secure mode numbers #120

Merged
merged 2 commits into from
May 21, 2018
Merged

CRM-21565: Change mkdir to use correct and more secure mode numbers #120

merged 2 commits into from
May 21, 2018

Conversation

TBSliver
Copy link
Contributor

@TBSliver TBSliver commented Dec 2, 2017
edited by civicrm-builder
Loading

The original setting of 777 is not a valid mode number for mkdir, and
should have been 0777 as it is an octal number. This has been changed
to 0755 to be in keeping with the wordpress permission scheme, which
is readable by all but only writeable by the current user. As these are
for backups a more strict setting may be preferable, but this is a
reasonable compromise

@TBSliver
Change mkdir to use correct and more secure mdoe numbers
6834a73 
The original setting of `777` is not a valid mode number for mkdir, and
should have been `0777` as it is an octal number. This has been changed
to `0755` to be in keeping with the wordpress permission scheme, which
is readable by all but only writeable by the current user. As these are
for backups a more strict setting may be preferable, but this is a
reasonable compromise
@TBSliver TBSliver mentioned this pull request Dec 11, 2017
Merged
@kcristiano
Copy link
Member

@TBSliver this looks good. I've tested and it works on my system. Before mergeing we should add a change on https://github.com/civicrm/civicrm-wordpress/blob/master/wp-cli/civicrm.php#L382 to set the permissions there to 0755 as well. Can you make this change on your currebt branch so that this gets added to this PR?

I would like more testing on this due to the multiple hosting environments we encounter. I am not sure why we set to 777 in the first place, so I do want to have this changed.

Thanks for the work on this.

@TBSliver
Copy link
Contributor Author

@kcristiano done and done: https://issues.civicrm.org/jira/browse/CRM-21565

@kcristiano
Copy link
Member

@colemanw I am OK with merging this, but is there anyway to update the PR to include the JIRA issue for the release notes? cc @agh1

@TBSliver
Copy link
Contributor Author

@kcristiano is this something that just needs editing on the original PR text, or is it something that gets put in on the merge notes when you accept and close the PR?

@kcristiano
Copy link
Member

@TBSliver I know that if the PR title includes the CRM-xxxx it helps the release notes get done. If you can edit and add that in it would be great. My hope is to get this in 4.7.30-RC as soon as possible

@agh1
Copy link
Contributor

agh1 commented Dec 21, 2017

Thanks @kcristiano @TBSliver: if you could please edit the title of this pull request to read

CRM-21565: Change mkdir to use correct and more secure mode numbers

that would be perfect!

@TBSliver TBSliver changed the title Change mkdir to use correct and more secure mode numbers CRM-21565: Change mkdir to use correct and more secure mode numbers Dec 21, 2017
@TBSliver
Copy link
Contributor Author

@kcristiano modified the title a while ago, hope this can be merged soon :)

@kcristiano
Copy link
Member

@totten would like to see if this can be merged. Somewhere along the line we set loose permission in WP and never caught it.

@kcristiano
Copy link
Member

@eileenmcnaughton Any chance you can take a look here. It's been merge ready and would be good to get in.

@JoeMurray
Copy link

JoeMurray commented May 21, 2018
edited
Loading

@Monish please review and merge if ready

@eileenmcnaughton
Copy link
Contributor

Merging based on @kcristiano review and also because it seems more correct & consistent to me

@eileenmcnaughton eileenmcnaughton merged commit 4d42759 into civicrm:master May 21, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
master
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@TBSliver @kcristiano @agh1 @JoeMurray @eileenmcnaughton @civicrm-builder