Config file is created with insecure permission allowing any user to read a file with login credentials to database
Config file is created with insecure permission allowing any user to read a file with login credentials to database
| Issue ID: | 3200 |
| Issue Category: | security |
| Component: | core |
| Priority: | major |
| Status: | active |
| Assigned: | Unassigned |
| Version: | 0.9 |
| Keywords: | security hasfix |
Config file is created with insecure permission allowing any user to read a file with login credentials to database.
All it lacks is a chmod in lib/installer.php as the attached fix proposes.
Updates
You can also subscribe to the
RSS feed for updates to this issue.