Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-53899

Permissions of files created during the plugin installation

    XMLWordPrintable

Details

    • MOODLE_30_STABLE
    • MOODLE_30_STABLE
    • MDL-53899-master-pluginperm
    • Hide
      1. Explicitly configure these default values in your config.php (so that we are sure about them): 

        $CFG->directorypermissions = 02777; 
        $CFG->filepermissions = 0666;

      2. Set more restrictive permissions for the root directory of a given plugin type. E.g. set 750 for the admin/tool/ folder.
      3. Install a plugin of that type via the admin interface.
      4. Expected behaviour: The installled plugin's directories and files inherit the type directory permissions.
      1. Test that you can still install plugins on a windows server.
      Show
      Explicitly configure these default values in your config.php (so that we are sure about them): $CFG->directorypermissions = 02777; $CFG->filepermissions = 0666; Set more restrictive permissions for the root directory of a given plugin type. E.g. set 750 for the admin/tool/ folder. Install a plugin of that type via the admin interface. Expected behaviour: The installled plugin's directories and files inherit the type directory permissions. Test that you can still install plugins on a windows server.

    Description

      This is a regression of the plugin installer improvements in Moodle 3.0 - MDL-49329

      A bit of background first:

      When installing plugins via admin interface in Moodle 2.5, the plugin files were created under dataroot and then copied over to the dirroot. So they were created using the $CFG->directorypermissions and $CFG->filepermissions having default values 02777 and 666. This is suitable for dataroot files, but not for PHP scripts and it may lead to HTTP 500 errors.

      To fix that, Petr Škoda implemented a better behaviour for Moodle 2.6 in MDL-42110 where the plugin files inherit the permissions from the plugin root folder.

      Unfortunately I did not realize this in MDL-49329 where the implementation of the files deployment was changed. We now use file_packer::extract_to_pathname() which uses the CFG permissions again.

      As a result, in Moodle 3.0 the plugins are again created with too relaxed permissions by default, causing HTTP 500 and other troubles - e.g MDL-53688 or MDL-53895.

      I'm sorry for that.

      Attachments

        Issue Links

          has a non-specific relationship to

          Bug - A problem which impairs or prevents Moodle from functioning correctly. MDL-42110 Installing add-ons causes 500 internal server error.

          • Critical - Crashes server, loss of data, severe memory leak
          • Closed

          Improvement - An enhancement to an existing Moodle feature. MDL-29016 Support changing of $CFG->directorypermissions in moodle installers modified by distributions

          • Minor - Minor loss of function where workaround is possible
          • Closed
          is a regression caused by

          New Feature - A new Moodle feature which has yet to be developed. MDL-49329 Multiple improvements in the plugins installation/update system

          • Critical - Crashes server, loss of data, severe memory leak
          • Closed
          will help resolve

          Improvement - An enhancement to an existing Moodle feature. MDL-53688 Trouble with file permissions set by plugin installer

          • Minor - Minor loss of function where workaround is possible
          • Closed

          Activity

            People

              mudrd8mz David Mudrák (@mudrd8mz)
              mudrd8mz David Mudrák (@mudrd8mz)
              Damyon Wiese Damyon Wiese
              David Monllaó David Monllaó
              Simey Lameze Simey Lameze
              Votes:
              2 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:
                9/May/16