From 359a6b03d0a266d59c31a20f84798c49654df271 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Tue, 18 Jun 2013 09:00:58 -0400
Subject: [PATCH] Fixed: FS#3008 - Insecure permissions on SSL Key Files when key is created outside of ispconfig

---
 server/plugins-available/nginx_plugin.inc.php |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/server/plugins-available/nginx_plugin.inc.php b/server/plugins-available/nginx_plugin.inc.php
index 3696269..44159ae 100644
--- a/server/plugins-available/nginx_plugin.inc.php
+++ b/server/plugins-available/nginx_plugin.inc.php
@@ -243,6 +243,7 @@
 			if(trim($data["new"]["ssl_cert"]) != '') $app->system->file_put_contents($crt_file,$data["new"]["ssl_cert"]);
 			//if(trim($data["new"]["ssl_bundle"]) != '') $app->system->file_put_contents($bundle_file,$data["new"]["ssl_bundle"]);
 			if(trim($data["new"]["ssl_key"]) != '') $app->system->file_put_contents($key_file2,$data["new"]["ssl_key"]);
+			$app->system->chmod($key_file2,0400);
 			
 			// for nginx, bundle files have to be appended to the certificate file
 			if(trim($data["new"]["ssl_bundle"]) != ''){				

--
Gitblit v1.9.1