[wp-trac] [WordPress Trac] #17227: wp should work around bug in move_uploaded_file for tighter security
WordPress Trac
wp-trac at lists.automattic.com
Sun Apr 24 03:11:58 UTC 2011
#17227: wp should work around bug in move_uploaded_file for tighter security
--------------------------+------------------------------
 Reporter:  chrishecker   |       Owner:
     Type:  defect (bug)  |      Status:  new
 Priority:  normal        |   Milestone:  Awaiting Review
Component:  Security      |     Version:
 Severity:  normal        |  Resolution:
 Keywords:                |
--------------------------+------------------------------
Comment (by chrishecker):
Replying to [ticket:17227 chrishecker]:
> However, there's a bug in php's move_uploaded_file that it doesn't obey
> the directory group sticky bit
I did some more testing, and bash's cp obeys it, and mv does not, so maybe
calling it a bug is a stretch (and maybe this is why the php folks haven't
fixed it, saying it should behave like mv), but the behavior certainly
prevents this security hardening technique, which would seem to be a win.
Chris
--
Ticket URL: <http://core.trac.wordpress.org/ticket/17227#comment:2>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
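
The cp versus mv difference described in the comment, as an added shell demonstration that is not part of the original message or of WordPress: a copy creates a new file, which takes its group from the setgid directory (the bit the ticket calls the group sticky bit), while a rename within one filesystem keeps the existing inode and its group. The directory names and helper functions are constructed for this example.

```shell
#!/bin/sh
# Added demonstration (not WordPress or PHP code). All paths are temporary
# and constructed here; "incoming" and "uploads" are hypothetical names.

inode_of() { ls -di "$1" | awk '{print $1}'; }   # inode number
gid_of()   { ls -dn "$1" | awk '{print $4}'; }   # numeric group id

# Pick a group we belong to other than our primary group, if there is one,
# so the destination directory's group visibly differs from the default.
pick_other_gid() {
    primary=$(id -g)
    for g in $(id -G); do
        if [ "$g" != "$primary" ]; then echo "$g"; return 0; fi
    done
    echo "$primary"   # single-group account: comparison still holds
}

# Prints one line per method:
#   method src_inode dst_inode src_gid dst_gid dir_gid
compare_cp_mv() {
    work=$(mktemp -d) || return 1
    mkdir "$work/incoming" "$work/uploads"
    chgrp "$(pick_other_gid)" "$work/uploads"
    chmod 2775 "$work/uploads"        # setgid bit on the destination directory
    dir_gid=$(gid_of "$work/uploads")

    for method in cp mv; do
        src="$work/incoming/$method.tmp"
        dst="$work/uploads/$method.dat"
        : > "$src"                    # empty file standing in for an upload
        src_inode=$(inode_of "$src")
        src_gid=$(gid_of "$src")
        "$method" "$src" "$dst"
        echo "$method $src_inode $(inode_of "$dst") $src_gid $(gid_of "$dst") $dir_gid"
    done
    rm -rf "$work"
}

compare_cp_mv
```

For cp the destination gid matches the directory gid; for mv it matches the source gid, so a file that arrives by rename needs an explicit chgrp, or a copy followed by unlink, to end up in the directory's group.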