Commit be3234e0 authored by tekati's avatar tekati
Browse files

Removed other group permissions o= from pam.d/smtp file in installer_base.lib.php file.

parent 0d27f8b7
......@@ -637,6 +637,8 @@ class installer_base {
//* configure pam for SMTP authentication agains the ispconfig database
$configfile = 'pamd_smtp';
if(is_file("$pam/smtp")) copy("$pam/smtp", "$pam/smtp~");
// On some OSes smtp is world readable which allows for reading database information. Removing world readable rights should have no effect.
if(is_file("$pam/smtp")) exec("chmod o= $pam/smtp");
if(is_file("$pam/smtp~")) exec("chmod 400 $pam/smtp~");
$content = rf("tpl/$configfile.master");
......@@ -1638,4 +1640,4 @@ class installer_base {
\ No newline at end of file
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment