Nemcio/CyberPanel
1
0
Fork 0
mirror of https://github.com/usmannasir/cyberpanel.git synced 2025-11-10 15:26:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

security fix: CP-26: Manage Website – File Manager – Upload

Browse Source
This commit is contained in:
Usman Nasir
2021-08-20 20:25:28 +05:00
parent a288a88754
commit 9df424a9fc
2 changed files with 20 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
install/install.py
View File

@@ -664,6 +664,16 @@ class preFlightsChecks:
command = 'mount -o remount,rw,hidepid=2 /proc'
preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR)
## symlink protection
writeToFile = open('/usr/lib/sysctl.d/50-default.conf', 'a')
writeToFile.writelines('fs.protected_hardlinks = 1\n')
writeToFile.writelines('fs.protected_symlinks = 1\n')
writeToFile.close()
command = 'sysctl --system'
preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR)
###
def install_unzip(self):

10
plogical/upgrade.py
View File

@@ -2097,6 +2097,16 @@ echo $oConfig->Save() ? 'Done' : 'Error';
command = 'chmod 750 /usr/local/lsws/logs'
Upgrade.executioner(command, 0)
## symlink protection
writeToFile = open('/usr/lib/sysctl.d/50-default.conf', 'a')
writeToFile.writelines('fs.protected_hardlinks = 1\n')
writeToFile.writelines('fs.protected_symlinks = 1\n')
writeToFile.close()
command = 'sysctl --system'
Upgrade.executioner(command, 0)
Upgrade.stdOut("Permissions updated.")
except BaseException as msg: