Implemented SecUploadFileMode. See #448.

CHANGES

@@ -1,6 +1,8 @@
-23 Jan 2008 - 2.5.0-rc2
+24 Jan 2008 - 2.5.0-rc2
 -----------------------
 
+ * Implemented SecUploadFileMode to allow setting the mode for uploaded files.
+
  * Implemented "block" action.
 
  * No longer log the query portion of the URI in the error log as

apache2/apache2_config.c

@@ -73,6 +73,7 @@ void *create_directory_config(apr_pool_t *mp, char *path) {
     dcfg->upload_dir = NOT_SET_P;
     dcfg->upload_keep_files = NOT_SET;
     dcfg->upload_validates_files = NOT_SET;
+    dcfg->upload_filemode = NOT_SET;
 
     /* These are only used during the configuration process. */
     dcfg->tmp_chain_starter = NULL;
@@ -402,6 +403,8 @@ void *merge_directory_configs(apr_pool_t *mp, void *_parent, void *_child) {
         ? parent->upload_keep_files : child->upload_keep_files);
     merged->upload_validates_files = (child->upload_validates_files == NOT_SET
         ? parent->upload_validates_files : child->upload_validates_files);
+    merged->upload_filemode = (child->upload_filemode == NOT_SET
+        ? parent->upload_filemode : child->upload_filemode);
 
     /* Misc */
     merged->data_dir = (child->data_dir == NOT_SET_P
@@ -502,6 +505,7 @@ void init_directory_config(directory_config *dcfg) {
     if (dcfg->upload_dir == NOT_SET_P) dcfg->upload_dir = NULL;
     if (dcfg->upload_keep_files == NOT_SET) dcfg->upload_keep_files = KEEP_FILES_OFF;
     if (dcfg->upload_validates_files == NOT_SET) dcfg->upload_validates_files = 0;
+    if (dcfg->upload_filemode == NOT_SET) dcfg->upload_filemode = 0600;
 
     /* Misc */
     if (dcfg->data_dir == NOT_SET_P) dcfg->data_dir = NULL;
@@ -1461,6 +1465,26 @@ static const char *cmd_upload_dir(cmd_parms *cmd, void *_dcfg, const char *p1) {
     return NULL;
 }
 
+static const char *cmd_upload_filemode(cmd_parms *cmd, void *_dcfg, const char *p1) {
+    directory_config *dcfg = (directory_config *)_dcfg;
+
+    if (dcfg == NULL) return NULL;
+
+    if (strcasecmp(p1, "default") == 0) {
+        dcfg->upload_filemode = NOT_SET;
+    }
+    else {
+        long int mode = strtol(p1, NULL, 8); /* expects octal mode */
+        if ((mode == LONG_MAX)||(mode == LONG_MIN)||(mode <= 0)||(mode > 0777)) {
+            return apr_psprintf(cmd->pool, "ModSecurity: Invalid value for SecUploadFileMode: %s", p1);
+        }
+        
+        dcfg->upload_filemode = (int)mode;
+    }
+
+    return NULL;
+}
+
 static const char *cmd_upload_keep_files(cmd_parms *cmd, void *_dcfg, const char *p1) {
     directory_config *dcfg = (directory_config *)_dcfg;
 
@@ -2045,6 +2069,14 @@ const command_rec module_directives[] = {
         "path to the file upload area"
     ),
 
+    AP_INIT_TAKE1 (
+        "SecUploadFileMode",
+        cmd_upload_filemode,
+        NULL,
+        CMD_SCOPE_ANY,
+        "octal permissions mode for uploaded files"
+    ),
+
     AP_INIT_TAKE1 (
         "SecUploadKeepFiles",
         cmd_upload_keep_files,

apache2/buildconf

@@ -23,6 +23,9 @@
 #
 build/buildcheck.sh || exit 1
 
+echo "Generating config header ..."
+autoheader -Wall || exit 1
+
 libtoolize=`build/PrintPath glibtoolize libtoolize15 libtoolize14 libtoolize`
 if [ "x$libtoolize" = "x" ]; then
     echo "libtoolize not found in path"

apache2/configure.in

@@ -6,7 +6,8 @@ dnl
 
 AC_PREREQ(2.50)
 
-AC_INIT(ModSecurity, 2.5, mod-security-users@lists.sourceforge.net, modsecurity-apache)
+AC_INIT()
+dnl AC_INIT(ModSecurity, 2.5, mod-security-users@lists.sourceforge.net, modsecurity-apache)
 AC_CONFIG_SRCDIR([mod_security2.c])
 AC_CONFIG_HEADER([mod_security2_config.h])
 AC_CONFIG_AUX_DIR([build])
@@ -36,7 +37,7 @@ AC_TYPE_UINT8_T
 # Checks for library functions.
 AC_FUNC_MALLOC
 AC_FUNC_MEMCMP
-AC_CHECK_FUNCS([atexit getcwd memset strcasecmp strchr strdup strerror strncasecmp strrchr strstr strtol])
+AC_CHECK_FUNCS([atexit fchmod getcwd memset strcasecmp strchr strdup strerror strncasecmp strrchr strstr strtol])
 
 # Find apxs
 AC_MSG_NOTICE(looking for Apache module support via DSO through APXS)

apache2/mod_security2_config.h.in

@@ -3,6 +3,9 @@
 /* Define to 1 if you have the `atexit' function. */
 #undef HAVE_ATEXIT
 
+/* Define to 1 if you have the `fchmod' function. */
+#undef HAVE_FCHMOD
+
 /* Define to 1 if you have the <fcntl.h> header file. */
 #undef HAVE_FCNTL_H
 

apache2/modsecurity.h

@@ -444,6 +444,7 @@ struct directory_config {
     const char          *upload_dir;
     int                  upload_keep_files;
     int                  upload_validates_files;
+    int                  upload_filemode;
 
     /* Used only in the configuration phase. */
     msre_rule           *tmp_chain_starter;

apache2/msc_multipart.c

@@ -9,7 +9,9 @@
  *
  */
 #include <ctype.h>
+#include <sys/stat.h>
 
+#include "mod_security2_config.h"
 #include "msc_multipart.h"
 #include "msc_util.h"
 #include "msc_parsers.h"
@@ -393,6 +395,21 @@ static int multipart_process_part_data(modsec_rec *msr, char **error_msg) {
                     msr_log(msr, 4, "Multipart: Created temporary file: %s",
                         log_escape_nq(msr->mp, msr->mpd->mpp->tmp_file_name));
                 }
+
+                #ifdef HAVE_FCHMOD
+                if (msr->txcfg->debuglog_level >= 9) {
+                    msr_log(msr, 9, "Multipart: Changing file mode to %04o: %s", msr->txcfg->upload_filemode, log_escape_nq(msr->mp, msr->mpd->mpp->tmp_file_name));
+                }
+                if (fchmod(msr->mpd->mpp->tmp_file_fd, msr->txcfg->upload_filemode) < 0) {
+                    
+                    char errbuf[256];
+                    if (msr->txcfg->debuglog_level >= 3) {
+                        msr_log(msr, 3, "Multipart: Could not change mode on \"%s\" (%d): %s",
+                            log_escape_nq(msr->mp, msr->mpd->mpp->tmp_file_name),
+                            errno, apr_strerror(APR_FROM_OS_ERROR(errno), errbuf, 256));
+                    }
+                }
+                #endif
             }
 
             /* write the reserve first */

doc/modsecurity2-apache-reference.xml

@@ -3,7 +3,7 @@
   <title>ModSecurity Reference Manual</title>
 
   <articleinfo>
-    <releaseinfo>Version 2.5.0-rc2/ (January 23, 2008)</releaseinfo>
+    <releaseinfo>Version 2.5.0-rc2/ (January 24, 2008)</releaseinfo>
 
     <copyright>
       <year>2004-2008</year>
@@ -2002,6 +2002,29 @@ SecRuleUpdateActionById 12345 "t:compressWhitespace,deny,status:403,msg:'A new m
       <literal>SecUploadKeepFiles</literal>.</para>
     </section>
 
+    <section>
+      <title><literal>SecUploadFileMode</literal></title>
+
+      <para><emphasis>Description:</emphasis> Configures the mode
+      (permissions) of any uploaded files using an octal number.</para>
+
+      <para><emphasis>Syntax:</emphasis> <literal
+      moreinfo="none">SecUploadFileMode octal_mode</literal></para>
+
+      <para><emphasis>Example Usage:</emphasis> <literal
+      moreinfo="none">SecUploadFileMode 0640</literal></para>
+
+      <para><emphasis>Processing Phase:</emphasis> N/A</para>
+
+      <para><emphasis>Scope:</emphasis> Any</para>
+
+      <para><emphasis>Dependencies/Notes:</emphasis> The mode is an octal
+      number (as used in chmod). The default mode is for only the account
+      writing the file to have read/write access (0600). Use this directive
+      with caution to avoid exposing potentially sensitive data to
+      unauthorized users.</para>
+    </section>
+
     <section>
       <title><literal>SecUploadKeepFiles</literal></title>