Corrige une faille critique permettant de creer un sous domaine pointant sur / du systÚme
This commit is contained in:
Nahuel Angelinetti
parent
5f50bbaf41
commit
3f648fcf1e
|
|
@ -195,12 +195,17 @@ function checkuserpath($path) {
|
||||||
$usar=substr($user,0,1);
|
$usar=substr($user,0,1);
|
||||||
if (substr($path,0,1)=="/")
|
if (substr($path,0,1)=="/")
|
||||||
$path="/".$path;
|
$path="/".$path;
|
||||||
|
|
||||||
|
$rpath = realpath("/var/alternc/html/$usar/$user$path");
|
||||||
|
$userpath = realpath("/var/alternc/html/$usar/$user");
|
||||||
|
if(strpos($rpath,$userpath) === 0){
|
||||||
if (is_dir("/var/alternc/html/$usar/$user$path")) {
|
if (is_dir("/var/alternc/html/$usar/$user$path")) {
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
if (is_file("/var/alternc/html/$usar/$user$path")) {
|
if (is_file("/var/alternc/html/$usar/$user$path")) {
|
||||||
return 2;
|
return 2;
|
||||||
}
|
}
|
||||||
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue