bug #1806236 Make the world write check on config.inc.php optional
This commit is contained in:
Marc Delisle
@@ -18,6 +18,7 @@ $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyA
|
|||||||
looking for a name more descriptive than codegen, taking into account
|
looking for a name more descriptive than codegen, taking into account
|
||||||
that it might later support other formats like JSON in the same plugin
|
that it might later support other formats like JSON in the same plugin
|
||||||
+ [lang] Finnish update, thanks to Jouni Kahkonen
|
+ [lang] Finnish update, thanks to Jouni Kahkonen
|
||||||
|
+ [config] new parameter $cfg['CheckConfigurationPermissions']
|
||||||
|
|
||||||
2.11.4.0 (not yet released)
|
2.11.4.0 (not yet released)
|
||||||
- bug #1843428 [GUI] Space issue with DROP/DELETE/ALTER TABLE
|
- bug #1843428 [GUI] Space issue with DROP/DELETE/ALTER TABLE
|
||||||
|
|||||||
@@ -1529,6 +1529,15 @@ $cfg['TrustedProxies'] =
|
|||||||
Default is auto.
|
Default is auto.
|
||||||
</dd>
|
</dd>
|
||||||
|
|
||||||
|
<dt id="cfg_CheckConfigurationPermissions">$cfg['CheckConfigurationPermissions'] boolean</dt>
|
||||||
|
<dd>
|
||||||
|
We normally check the permissions on the configuration file to ensure
|
||||||
|
it's not world writable. However, phpMyAdmin could be installed on
|
||||||
|
a NTFS filesystem mounted on a non-Windows server, in which case the
|
||||||
|
permissions seems wrong but in fact cannot be detected. In this case
|
||||||
|
a sysadmin would set this parameter to <tt>FALSE</tt>. Default is <tt>TRUE</tt>.
|
||||||
|
</dd>
|
||||||
|
|
||||||
<dt id="cfg_NaviWidth">$cfg['NaviWidth'] integer</dt>
|
<dt id="cfg_NaviWidth">$cfg['NaviWidth'] integer</dt>
|
||||||
<dd>Navi frame width in pixels. See <tt>themes/themename/layout.inc.php</tt>.
|
<dd>Navi frame width in pixels. See <tt>themes/themename/layout.inc.php</tt>.
|
||||||
</dd>
|
</dd>
|
||||||
|
|||||||
@@ -477,15 +477,18 @@ class PMA_Config
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Check for permissions (on platforms that support it):
|
// Check for permissions (on platforms that support it):
|
||||||
$perms = @fileperms($this->getSource());
|
if ($this->get('CheckConfigurationPermissions')) {
|
||||||
if (!($perms === false) && ($perms & 2)) {
|
echo 'trace';
|
||||||
// This check is normally done after loading configuration
|
$perms = @fileperms($this->getSource());
|
||||||
$this->checkWebServerOs();
|
if (!($perms === false) && ($perms & 2)) {
|
||||||
if ($this->get('PMA_IS_WINDOWS') == 0) {
|
// This check is normally done after loading configuration
|
||||||
$this->source_mtime = 0;
|
$this->checkWebServerOs();
|
||||||
die('Wrong permissions on configuration file, should not be world writable!');
|
if ($this->get('PMA_IS_WINDOWS') == 0) {
|
||||||
}
|
$this->source_mtime = 0;
|
||||||
}
|
die('Wrong permissions on configuration file, should not be world writable!');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -2163,6 +2163,14 @@ $cfg['GD2Available'] = 'auto';
|
|||||||
*/
|
*/
|
||||||
$cfg['TrustedProxies'] = array();
|
$cfg['TrustedProxies'] = array();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* We normally check the permissions on the configuration file to ensure
|
||||||
|
* it's not world writable. However, phpMyAdmin could be installed on
|
||||||
|
* a NTFS filesystem mounted on a non-Windows server, in which case the
|
||||||
|
* permissions seems wrong but in fact cannot be detected. In this case
|
||||||
|
* a sysadmin would set the following to false.
|
||||||
|
*/
|
||||||
|
$cfg['CheckConfigurationPermissions'] = true;
|
||||||
|
|
||||||
/*******************************************************************************
|
/*******************************************************************************
|
||||||
* SQL Parser Settings
|
* SQL Parser Settings
|
||||||
|
|||||||
Reference in New Issue
Block a user