
Item11935: Set the umask explicitly while creating session files.

Priority: Enhancement
Current State: Closed
Released In: 1.1.6
Target Release: patch
Applies To: Engine
Component:
Branches: Release01x01 trunk
Reported By: MichaelDaum
Waiting For:
Last Change By: GeorgeClark
This improves the default security when creating session objects in the file system. Before, all session files were created with a default 0660 permission setting while the system-wide umask was applied. Now, the default is a 0600 file permission, that is, only the user running the Foswiki server can read the session objects.

The new configuration parameter {Session}{filePermission} can also be used to explicitly open access rights on session files when there are other subsystems on the same server that actually need access to the session information, for example to cross-authenticate a user on an XMPP chat server as well while logging in to Foswiki.

-- MichaelDaum - 11 Jun 2012
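
The following Perl is an added example, not Foswiki's own code: it creates a file under an explicitly set umask so that the resulting mode equals the configured permission, whatever umask the process inherited from the web server. The helpers `create_session_file` and `mode_of`, the file names and the 0022 server umask are assumptions made for illustration, and a POSIX file system is assumed.

```perl
#!/usr/bin/perl
# Added example (not Foswiki source): session file creation with an explicit umask.
use strict;
use warnings;
use Fcntl qw(O_WRONLY O_CREAT O_EXCL);
use File::Temp qw(tempdir);

# Hypothetical helper; $perm plays the role of {Session}{filePermission}.
sub create_session_file {
    my ( $path, $perm ) = @_;

    # Final mode is (requested mode & ~umask). Masking exactly the bits that
    # are absent from $perm makes the result equal to $perm: an inherited
    # umask can neither leave group/other bits set nor strip bits that an
    # administrator opened on purpose (for example 0660 for a second service).
    my $old_umask = umask( ~$perm & 0777 );

    # O_EXCL refuses to reuse a file that already exists at $path.
    my $ok  = sysopen( my $fh, $path, O_WRONLY | O_CREAT | O_EXCL, $perm );
    my $err = $!;
    umask($old_umask);    # restore before returning or dying
    die "cannot create $path: $err\n" unless $ok;
    return $fh;
}

# Permission bits of a file, without the file type bits.
sub mode_of {
    my ($path) = @_;
    my @st = stat($path) or die "stat $path: $!\n";
    return $st[2] & 07777;
}

my $dir = tempdir( CLEANUP => 1 );    # constructed scratch directory
umask(0022);                          # constructed: umask inherited from the server

# Old behaviour: 0660 requested, outcome depends on the inherited umask.
my $legacy = "$dir/sess_legacy";
sysopen( my $fh, $legacy, O_WRONLY | O_CREAT | O_EXCL, 0660 )
  or die "cannot create $legacy: $!\n";
close($fh);
printf "inherited umask, 0660 requested:  %04o\n", mode_of($legacy);

# New behaviour: the configured permission is what ends up on disk.
for my $perm ( 0600, 0660 ) {
    my $path = sprintf( "%s/sess_%04o", $dir, $perm );
    close( create_session_file( $path, $perm ) );
    printf "explicit umask, %04o configured: %04o\n", $perm, mode_of($path);
}
printf "process umask afterwards:         %04o\n", umask();
```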

 
Topic revision: r11 - 02 Dec 2012, GeorgeClark