-
Improvement
-
Resolution: Fixed
-
Minor
-
2.4.5
-
MOODLE_24_STABLE
-
MOODLE_26_STABLE
-
w30_
MDL-40642_m26_umask -
Moodle creates world-writable files, which creates a lot of logging warnings from various security scanners used by Linux (and probably other) systems. There is no reason for it to be creating world-writable files at all. At the very least, if the $CFG->directorypermissions value in config.php ends in a zero, it definitely should not be doing this. This has been the case in previous Moodle versions for as long as I can remember. I haven't tested 2.5 yet.
- has been marked as being related by
-
MDLSITE-2345 Perform some verifications about dir/file permissions being used properly
-
- Open
-
-
MDL-40841 Move all file system operations to some core_io wrapper
-
- Closed
-
- is blocked by
-
MDL-40435 moodledata/cache/core_component.php created with incorrect permission during fresh installation
-
- Closed
-