Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-40642

Improve the way Moodle sets world-writable files in moodledata directory

XMLWordPrintable

    • Icon: Improvement Improvement
    • Resolution: Fixed
    • Icon: Minor Minor
    • 2.6
    • 2.4.5
    • Files API
    • MOODLE_24_STABLE
    • MOODLE_26_STABLE
    • w30_MDL-40642_m26_umask
    • Hide

      1/ set $CFG->directorypermissions = 0770 in your config.php
      2/ purge dataroot and install moodle
      3/ do some stuff that creates files in dataroot
      4/ verify all file permissions in dataroot are 0660 and dir permissions 0770

      Any regressions or incompatibilities will be hopefully reported before 2.6, I believe this is too risky for backport.

      Show
      1/ set $CFG->directorypermissions = 0770 in your config.php 2/ purge dataroot and install moodle 3/ do some stuff that creates files in dataroot 4/ verify all file permissions in dataroot are 0660 and dir permissions 0770 Any regressions or incompatibilities will be hopefully reported before 2.6, I believe this is too risky for backport.

      Moodle creates world-writable files, which creates a lot of logging warnings from various security scanners used by Linux (and probably other) systems. There is no reason for it to be creating world-writable files at all. At the very least, if the $CFG->directorypermissions value in config.php ends in a zero, it definitely should not be doing this. This has been the case in previous Moodle versions for as long as I can remember. I haven't tested 2.5 yet.

            skodak Petr Skoda
            luigiwalser David Walser
            Eloy Lafuente (stronk7) Eloy Lafuente (stronk7)
            Frédéric Massart Frédéric Massart
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

              Created:
              Updated:
              Resolved:

                Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.