From be3234e0b28a4157bcd2a4783644b2f9b9b068e7 Mon Sep 17 00:00:00 2001
From: tekati <tekati@ispconfig3>
Date: Sun, 11 Jul 2010 23:16:07 -0400
Subject: [PATCH] Removed other group permissions o= from pam.d/smtp file in installer_base.lib.php file.

---
 install/lib/installer_base.lib.php |   28 ++++++++++++++++++++++------
 1 files changed, 22 insertions(+), 6 deletions(-)

diff --git a/install/lib/installer_base.lib.php b/install/lib/installer_base.lib.php
index 27669ff..cb489b5 100644
--- a/install/lib/installer_base.lib.php
+++ b/install/lib/installer_base.lib.php
@@ -211,6 +211,8 @@
 		$tpl_ini_array['web']['security_level'] = 20;
 		$tpl_ini_array['web']['user'] = $conf['apache']['user'];
 		$tpl_ini_array['web']['group'] = $conf['apache']['group'];
+		$tpl_ini_array['web']['php_ini_path_apache'] = $conf['apache']['php_ini_path_apache'];
+		$tpl_ini_array['web']['php_ini_path_cgi'] = $conf['apache']['php_ini_path_cgi'];
 		$tpl_ini_array['mail']['pop3_imap_daemon'] = ($conf['dovecot']['installed'] == true)?'dovecot':'courier';
 		$tpl_ini_array['mail']['mail_filter_syntax'] = ($conf['dovecot']['installed'] == true)?'sieve':'maildrop';
 		$tpl_ini_array['dns']['bind_user'] = $conf['bind']['bind_user'];
@@ -635,6 +637,8 @@
 		//* configure pam for SMTP authentication agains the ispconfig database
 		$configfile = 'pamd_smtp';
 		if(is_file("$pam/smtp"))    copy("$pam/smtp", "$pam/smtp~");
+		// On some OSes smtp is world readable which allows for reading database information.  Removing world readable rights should have no effect.
+		if(is_file("$pam/smtp"))    exec("chmod o= $pam/smtp");
 		if(is_file("$pam/smtp~"))   exec("chmod 400 $pam/smtp~");
 
 		$content = rf("tpl/$configfile.master");
@@ -944,7 +948,7 @@
 		exec('mkdir -p /var/log/ispconfig/httpd');
 
 		if(is_file('/etc/suphp/suphp.conf')) {
-			replaceLine('/etc/suphp/suphp.conf','php=php:/usr/bin','x-httpd-suphp=php:/usr/bin/php-cgi',0);
+			replaceLine('/etc/suphp/suphp.conf','php=php:/usr/bin','x-httpd-suphp="php:/usr/bin/php-cgi"',0);
 			//replaceLine('/etc/suphp/suphp.conf','docroot=','docroot=/var/clients',0);
 			replaceLine('/etc/suphp/suphp.conf','umask=0077','umask=0022',0);
 		}
@@ -1242,9 +1246,15 @@
 						$module_name = substr($file,0,-8);
 						$tmp = new $module_name;
 						if($tmp->onInstall()) {
-							if(!@is_link($install_dir.'/server/mods-enabled/'.$file)) @symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-enabled/'.$file);
+							if(!@is_link($install_dir.'/server/mods-enabled/'.$file)) {
+								@symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-enabled/'.$file);
+								// @symlink($install_dir.'/server/mods-available/'.$file, '../mods-enabled/'.$file);
+							}
 							if (strpos($file, '_core_module') !== false) {
-								if(!@is_link($install_dir.'/server/mods-core/'.$file)) @symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-core/'.$file);
+								if(!@is_link($install_dir.'/server/mods-core/'.$file)) {
+									@symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-core/'.$file);
+									// @symlink($install_dir.'/server/mods-available/'.$file, '../mods-core/'.$file);
+								}
 							}
 						}
 						unset($tmp);
@@ -1263,9 +1273,15 @@
 						$plugin_name = substr($file,0,-8);
 						$tmp = new $plugin_name;
 						if(method_exists($tmp,'onInstall') && $tmp->onInstall()) {
-							if(!@is_link($install_dir.'/server/plugins-enabled/'.$file)) @symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-enabled/'.$file);
+							if(!@is_link($install_dir.'/server/plugins-enabled/'.$file)) {
+								@symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-enabled/'.$file);
+								//@symlink($install_dir.'/server/plugins-available/'.$file, '../plugins-enabled/'.$file);
+							}
 							if (strpos($file, '_core_plugin') !== false) {
-								if(!@is_link($install_dir.'/server/plugins-core/'.$file)) @symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-core/'.$file);
+								if(!@is_link($install_dir.'/server/plugins-core/'.$file)) {
+									@symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-core/'.$file);
+									//@symlink($install_dir.'/server/plugins-available/'.$file, '../plugins-core/'.$file);
+								}
 							}
 						}
 						unset($tmp);
@@ -1624,4 +1640,4 @@
 	}
 }
 
-?>
\ No newline at end of file
+?>

--
Gitblit v1.9.1