packages: php-dirs/php-dirs.spec - rel 4; user http shouldn't be able to li...
arekm
arekm at pld-linux.org
Tue Jun 23 14:19:40 CEST 2009
Author: arekm Date: Tue Jun 23 12:19:40 2009 GMT
Module: packages Tag: HEAD
---- Log message:
- rel 4; user http shouldn't be able to list session directory
---- Files affected:
packages/php-dirs:
php-dirs.spec (1.13 -> 1.14)
---- Diffs:
================================================================
Index: packages/php-dirs/php-dirs.spec
diff -u packages/php-dirs/php-dirs.spec:1.13 packages/php-dirs/php-dirs.spec:1.14
--- packages/php-dirs/php-dirs.spec:1.13 Fri Apr 17 11:25:40 2009
+++ packages/php-dirs/php-dirs.spec Tue Jun 23 14:19:34 2009
@@ -3,7 +3,7 @@
Summary(pl.UTF-8): Wspólne katalogi dla różnych wersji PHP
Name: php-dirs
Version: 1.1
-Release: 3
+Release: 4
License: GPL
Group: Base
BuildRequires: rpmbuild(macros) >= 1.461
@@ -48,7 +48,9 @@
%dir %{php_data_dir}
%dir %{php_data_dir}/tests
%dir %{_docdir}/phpdoc
-%attr(770,root,http) %dir %verify(not group mode) /var/run/php
+# http needs only x for directory (otherwise it knows session file
+# names and can read it contents)
+%attr(710,root,http) %dir %verify(not group mode) /var/run/php
%config(noreplace) %verify(not md5 mtime size) %{_tmpwatchdir}/php.conf
%define date %(echo `LC_ALL="C" date +"%a %b %d %Y"`)
@@ -57,6 +59,9 @@
All persons listed below can be reached at <cvs_login>@pld-linux.org
$Log$
+Revision 1.14 2009/06/23 12:19:34 arekm
+- rel 4; user http shouldn't be able to list session directory
+
Revision 1.13 2009/04/17 09:25:40 glen
- add %{php_data_dir}/tests; rel 3
================================================================
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/php-dirs/php-dirs.spec?r1=1.13&r2=1.14&f=u
More information about the pld-cvs-commit
mailing list