diff options
author | Remi Collet <fedora@famillecollet.com> | 2014-08-18 18:54:45 +0200 |
---|---|---|
committer | Remi Collet <fedora@famillecollet.com> | 2014-08-18 18:54:45 +0200 |
commit | a318e2f16554b35d07e5cc7cbe9827125772851a (patch) | |
tree | 33c71d291c0257b14fb4e68ffe809875710076db | |
parent | a8a9b3a4c34906b72fefe1fdd7efdf76f05a9db0 (diff) |
phpMyAdmin: restrict access to /etc/phpMyAdmin and /var/lib/phpMyAdmin (backport)
-rw-r--r-- | phpMyAdmin.spec | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/phpMyAdmin.spec b/phpMyAdmin.spec index 6f62e6c..5f7ab4d 100644 --- a/phpMyAdmin.spec +++ b/phpMyAdmin.spec @@ -14,7 +14,7 @@ Name: phpMyAdmin Version: 4.2.7.1 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Web based MySQL browser written in php Group: Applications/Internet @@ -177,14 +177,17 @@ sed -i -e "/'blowfish_secret'/s/MUSTBECHANGEDONINSTALL/$RANDOM$RANDOM$RANDOM$RAN %doc doc/html/ examples/ %{_datadir}/%{name} %dir %{_sysconfdir}/%{name} -%config(noreplace) %{_sysconfdir}/%{name}/config.inc.php +%config(noreplace) %attr(0640,root,apache) %{_sysconfdir}/%{name}/config.inc.php %config(noreplace) %{_sysconfdir}/httpd/conf.d/%{name}.conf -%dir %{_localstatedir}/lib/%{name}/upload -%dir %attr(755,apache,root) %{_localstatedir}/lib/%{name}/save -%dir %attr(755,apache,root) %{_localstatedir}/lib/%{name}/config +%dir %attr(0750,apache,apache) %{_localstatedir}/lib/%{name}/upload +%dir %attr(0750,apache,apache) %{_localstatedir}/lib/%{name}/save +%dir %attr(0750,apache,apache) %{_localstatedir}/lib/%{name}/config %changelog +* Mon Aug 18 2014 Remi Collet <rpms@famillecollet.com> 4.2.7.1-2 +- restrict access to /etc/phpMyAdmin and /var/lib/phpMyAdmin + * Sun Aug 17 2014 Remi Collet <rpms@famillecollet.com> 4.2.7.1-1 - update to 4.2.7.1 (SUn, 17 Aug 2014, security) - fix for PMASA-2014-8 and PMASA-2014-9 |