Implemented SecUploadFileMode. See #448.

2026-01-16 08:27:10 +03:00 · 2008-01-24 22:10:37 +00:00
parent f427f2a120
commit f4a6e716dd
5 changed files with 94 additions and 22 deletions
--- a/4
+++ b/4
@@ -1,6 +1,8 @@
-23 Jan 2008 - 2.1.6-rc1
+24 Jan 2008 - 2.1.6-rc1
 -----------------------

+ * Implemented SecUploadFileMode to allow setting the mode for uploaded files.
+
 * No longer log the query portion of the URI in the error log as
   it may contain sensitive data.

--- a/apache2/apache2_config.c
+++ b/apache2/apache2_config.c
@@ -69,6 +69,7 @@ void *create_directory_config(apr_pool_t *mp, char *path) {
    dcfg->upload_dir = NOT_SET_P;
    dcfg->upload_keep_files = NOT_SET;
    dcfg->upload_validates_files = NOT_SET;
+    dcfg->upload_filemode = NOT_SET;

    /* These are only used during the configuration process. */
    dcfg->tmp_chain_starter = NULL;
@@ -346,6 +347,8 @@ void *merge_directory_configs(apr_pool_t *mp, void *_parent, void *_child) {
        ? parent->upload_keep_files : child->upload_keep_files);
    merged->upload_validates_files = (child->upload_validates_files == NOT_SET
        ? parent->upload_validates_files : child->upload_validates_files);
+    merged->upload_filemode = (child->upload_filemode == NOT_SET
+        ? parent->upload_filemode : child->upload_filemode);

    /* Misc */
    merged->data_dir = (child->data_dir == NOT_SET_P
@@ -407,6 +410,7 @@ void init_directory_config(directory_config *dcfg) {
    if (dcfg->upload_dir == NOT_SET_P) dcfg->upload_dir = NULL;
    if (dcfg->upload_keep_files == NOT_SET) dcfg->upload_keep_files = KEEP_FILES_OFF;
    if (dcfg->upload_validates_files == NOT_SET) dcfg->upload_validates_files = 0;
+    if (dcfg->upload_filemode == NOT_SET) dcfg->upload_filemode = 0600;

    /* Misc */
    if (dcfg->data_dir == NOT_SET_P) dcfg->data_dir = NULL;
@@ -1058,6 +1062,26 @@ static const char *cmd_upload_dir(cmd_parms *cmd, void *_dcfg, const char *p1) {
    return NULL;
 }

+static const char *cmd_upload_filemode(cmd_parms *cmd, void *_dcfg, const char *p1) {
+    directory_config *dcfg = (directory_config *)_dcfg;
+
+    if (dcfg == NULL) return NULL;
+
+    if (strcasecmp(p1, "default") == 0) {
+        dcfg->upload_filemode = NOT_SET;
+    }
+    else {
+        long int mode = strtol(p1, NULL, 8); /* expects octal mode */
+        if ((mode == LONG_MAX)||(mode == LONG_MIN)||(mode <= 0)||(mode > 0777)) {
+            return apr_psprintf(cmd->pool, "ModSecurity: Invalid value for SecUploadFileMode: %s", p1);
+        }
+        
+        dcfg->upload_filemode = (int)mode;
+    }
+
+    return NULL;
+}
+
 static const char *cmd_upload_keep_files(cmd_parms *cmd, void *_dcfg, const char *p1) {
    directory_config *dcfg = (directory_config *)_dcfg;

@@ -1362,6 +1386,14 @@ const command_rec module_directives[] = {
        "" // TODO
    ),

+    AP_INIT_TAKE1 (
+        "SecUploadFileMode",
+        cmd_upload_filemode,
+        NULL,
+        CMD_SCOPE_ANY,
+        "octal permissions mode for uploaded files"
+    ),
+
    AP_INIT_TAKE1 (
        "SecUploadKeepFiles",
        cmd_upload_keep_files,
--- a/apache2/modsecurity.h
+++ b/apache2/modsecurity.h
@@ -377,6 +377,7 @@ struct directory_config {
    const char          *upload_dir;
    int                  upload_keep_files;
    int                  upload_validates_files;
+    int                  upload_filemode;

    /* Used only in the configuration phase. */
    msre_rule           *tmp_chain_starter;
--- a/apache2/msc_multipart.c
+++ b/apache2/msc_multipart.c
@@ -9,6 +9,7 @@
 *
 */
 #include <ctype.h>
+#include <sys/stat.h>

 #include "msc_multipart.h"
 #include "msc_util.h"
@@ -377,6 +378,21 @@ static int multipart_process_part_data(modsec_rec *msr, char **error_msg) {

                msr_log(msr, 4, "Multipart: Created temporary file: %s",
                    log_escape_nq(msr->mp, msr->mpd->mpp->tmp_file_name));
+
+                #if (!(defined(WIN32) || defined(NETWARE)))
+                if (msr->txcfg->debuglog_level >= 9) {
+                    msr_log(msr, 9, "Multipart: Changing file mode to %04o: %s", msr->txcfg->upload_filemode, log_escape_nq(msr->mp, msr->mpd->mpp->tmp_file_name));
+                }
+                if (fchmod(msr->mpd->mpp->tmp_file_fd, msr->txcfg->upload_filemode) < 0) {
+                    
+                    char errbuf[256];
+                    if (msr->txcfg->debuglog_level >= 3) {
+                        msr_log(msr, 3, "Multipart: Could not change mode on \"%s\" (%d): %s",
+                            log_escape_nq(msr->mp, msr->mpd->mpp->tmp_file_name),
+                            errno, apr_strerror(APR_FROM_OS_ERROR(errno), errbuf, 256));
+                    }
+                }
+                #endif
            }

            /* write the reserve first */
--- a/doc/modsecurity2-apache-reference.xml
+++ b/doc/modsecurity2-apache-reference.xml
@@ -3,7 +3,7 @@
  <title>ModSecurity Reference Manual</title>

  <articleinfo>
-    <releaseinfo>Version 2.1.6-rc1 / (Jan 23, 2008)</releaseinfo>
+    <releaseinfo>Version 2.1.6-rc1 / (Jan 24, 2008)</releaseinfo>

    <copyright>
      <year>2004-2008</year>
@@ -335,14 +335,15 @@

      <listitem>
        <para>Add one line to your configuration to load libxml2:</para>
+
        <para><literal moreinfo="none">LoadFile
        /usr/lib/libxml2.so</literal></para>
      </listitem>

      <listitem>
        <para>Add one line to your configuration to load ModSecurity:</para>
-        <para><literal
-        moreinfo="none">LoadModule security2_module
+
+        <para><literal moreinfo="none">LoadModule security2_module
        modules/mod_security2.so</literal></para>
      </listitem>

@@ -363,19 +364,17 @@
      <para>If you have compiled Apache yourself or are compiling for a
      distribution, please read the following notes.</para>

-      <para>The ModSecurity Core rules may assume XML support is
-      available (compiled with -DWITH_LIBXML2).  You may have to manually
-      remove any XML references in the Core rules if you choose not to
-      include XML support.  In future versions of ModSecurity XML support
-      will be required.  For these reasons, please consider XML support
-      required.</para>
+      <para>The ModSecurity Core rules may assume XML support is available
+      (compiled with -DWITH_LIBXML2). You may have to manually remove any XML
+      references in the Core rules if you choose not to include XML support.
+      In future versions of ModSecurity XML support will be required. For
+      these reasons, please consider XML support required.</para>

-      <para>You might experience problems
-      compiling ModSecurity against PCRE. This is because Apache bundles PCRE
-      but this library is also typically provided by the operating system. I
-      would expect most (all) vendor-packaged Apache distributions to be
-      configured to use an external PCRE library (so this should not be a
-      problem).</para>
+      <para>You might experience problems compiling ModSecurity against PCRE.
+      This is because Apache bundles PCRE but this library is also typically
+      provided by the operating system. I would expect most (all)
+      vendor-packaged Apache distributions to be configured to use an external
+      PCRE library (so this should not be a problem).</para>

      <para>You want to avoid Apache using the bundled PCRE library and
      ModSecurity linking against the one provided by the operating system.
@@ -389,11 +388,10 @@
      available only in the Apache source code) and change the include path
      for ModSecurity (as you did in step 7 above) to point to them.</para>

-      <para>If your Apache is using an external PCRE library you
-      can compile ModSecurity with <literal
-      moreinfo="none">WITH_PCRE_STUDY</literal> defined,which would possibly
-      give you a slight performance edge in regular expression
-      processing.</para>
+      <para>If your Apache is using an external PCRE library you can compile
+      ModSecurity with <literal moreinfo="none">WITH_PCRE_STUDY</literal>
+      defined,which would possibly give you a slight performance edge in
+      regular expression processing.</para>
    </note>
  </section>

@@ -1565,6 +1563,29 @@ ServerAlias www.app2.com
      directive is used with <literal>SecUploadKeepFiles</literal>.</para>
    </section>

+    <section>
+      <title><literal>SecUploadFileMode</literal></title>
+
+      <para><emphasis>Description:</emphasis> Configures the mode
+      (permissions) of any uploaded files using an octal number.</para>
+
+      <para><emphasis>Syntax:</emphasis> <literal
+      moreinfo="none">SecUploadFileMode octal_mode</literal></para>
+
+      <para><emphasis>Example Usage:</emphasis> <literal
+      moreinfo="none">SecUploadFileMode 0640</literal></para>
+
+      <para><emphasis>Processing Phase:</emphasis> N/A</para>
+
+      <para><emphasis>Scope:</emphasis> Any</para>
+
+      <para><emphasis>Dependencies/Notes:</emphasis> The mode is an octal
+      number (as used in chmod). The default mode is for only the account
+      writing the file to have read/write access (0600). Use this directive
+      with caution to avoid exposing potentially sensitive data to
+      unauthorized users.</para>
+    </section>
+
    <section>
      <title><literal>SecUploadKeepFiles</literal></title>

@@ -4440,4 +4461,4 @@ SecRule XML "<emphasis role="bold">@validateSchema /path/to/apache2/conf/xml.xsd
      </section>
    </section>
  </section>
-</article>
+</article>