Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-53899

Permissions of files created during the plugin installation

    XMLWordPrintable

    Details

    • Testing Instructions:
      Hide
      1. Explicitly configure these default values in your config.php (so that we are sure about them):

        $CFG->directorypermissions = 02777; 
        $CFG->filepermissions = 0666;
        

      2. Set more restrictive permissions for the root directory of a given plugin type. E.g. set 750 for the admin/tool/ folder.
      3. Install a plugin of that type via the admin interface.
      4. Expected behaviour: The installled plugin's directories and files inherit the type directory permissions.
      1. Test that you can still install plugins on a windows server.
      Show
      Explicitly configure these default values in your config.php (so that we are sure about them): $CFG->directorypermissions = 02777; $CFG->filepermissions = 0666; Set more restrictive permissions for the root directory of a given plugin type. E.g. set 750 for the admin/tool/ folder. Install a plugin of that type via the admin interface. Expected behaviour: The installled plugin's directories and files inherit the type directory permissions. Test that you can still install plugins on a windows server.
    • Affected Branches:
      MOODLE_30_STABLE
    • Fixed Branches:
      MOODLE_30_STABLE
    • Pull from Repository:
    • Pull Master Branch:
      MDL-53899-master-pluginperm

      Description

      This is a regression of the plugin installer improvements in Moodle 3.0 - MDL-49329

      A bit of background first:

      When installing plugins via admin interface in Moodle 2.5, the plugin files were created under dataroot and then copied over to the dirroot. So they were created using the $CFG->directorypermissions and $CFG->filepermissions having default values 02777 and 666. This is suitable for dataroot files, but not for PHP scripts and it may lead to HTTP 500 errors.

      To fix that, Petr Škoda implemented a better behaviour for Moodle 2.6 in MDL-42110 where the plugin files inherit the permissions from the plugin root folder.

      Unfortunately I did not realize this in MDL-49329 where the implementation of the files deployment was changed. We now use file_packer::extract_to_pathname() which uses the CFG permissions again.

      As a result, in Moodle 3.0 the plugins are again created with too relaxed permissions by default, causing HTTP 500 and other troubles - e.g MDL-53688 or MDL-53895.

      I'm sorry for that.

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                2 Vote for this issue
                Watchers:
                7 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  9/May/16