Fix bug #127645.

author Luca Longinotti <chtekk@gentoo.org>

Tue, 28 Mar 2006 11:04:42 +0000 (11:04 +0000)

committer Luca Longinotti <chtekk@gentoo.org>

Tue, 28 Mar 2006 11:04:42 +0000 (11:04 +0000)
author Luca Longinotti <chtekk@gentoo.org>
Tue, 28 Mar 2006 11:04:42 +0000 (11:04 +0000)
committer Luca Longinotti <chtekk@gentoo.org>
Tue, 28 Mar 2006 11:04:42 +0000 (11:04 +0000)
diff --git a/dev-lang/php/ChangeLog b/dev-lang/php/ChangeLog

index cf2368ab2822aecea3a94ebad6f5b5674682cd91..08495828cd3d18c644b9cfa0e60252ca28e2b4c1 100644 (file)
--- a/dev-lang/php/ChangeLog
+++ b/dev-lang/php/ChangeLog
@@ -1,6 +1,11 @@
  # ChangeLog for dev-lang/php
  # Copyright 1999-2006 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/dev-lang/php/ChangeLog,v 1.81 2006/03/24 23:04:27 chtekk Exp $
+# $Header: /var/cvsroot/gentoo-x86/dev-lang/php/ChangeLog,v 1.82 2006/03/28 11:04:42 chtekk Exp $
+
+  28 Mar 2006; Luca Longinotti <chtekk@gentoo.org>
+  files/70_mod_php.conf-apache1, files/70_mod_php.conf-apache2,
+  files/70_mod_php5.conf-apache1, files/70_mod_php5.conf-apache2:
+  Change config files to fix bug #127645.
  
    24 Mar 2006; Luca Longinotti <chtekk@gentoo.org>
    files/70_mod_php.conf-apache1, files/70_mod_php5.conf-apache1,
diff --git a/dev-lang/php/Manifest b/dev-lang/php/Manifest

index 8be51b6e78afa75895dfd8856ae3cf870773904c..cee156c88a79894698fa6d50324a0f86b39f7a07 100644 (file)
--- a/dev-lang/php/Manifest
+++ b/dev-lang/php/Manifest
@@ -1,18 +1,18 @@
-MD5 a4c36655ccfcd23086e9afc7451536d5 ChangeLog 18873
-RMD160 328453b6a42e9bd13f9e2faac041dfd316fb32bf ChangeLog 18873
-SHA256 7af71e42caeae5251d59490f2553cd1026c3a03d7c68ebd45695c0ae3f595c8d ChangeLog 18873
-MD5 6171c7aa95f69b8a54b0f29bd1056d2b files/70_mod_php.conf-apache1 454
-RMD160 869b5c225782690889bdfa5227a8f46c33ac71d3 files/70_mod_php.conf-apache1 454
-SHA256 9e6227e508f0c297f48c667e2135c7692f7943b3d0cd2ffdbdcca0bad5220343 files/70_mod_php.conf-apache1 454
-MD5 4a84c92760a7758b6446a62cabb8beed files/70_mod_php.conf-apache2 458
-RMD160 d2de515f92639d817a67c3a44db3e3dff4864974 files/70_mod_php.conf-apache2 458
-SHA256 06e3046fa7352eb2349967382bff711c01f6600688b8f49569ceacf2a31b130a files/70_mod_php.conf-apache2 458
-MD5 acdac68b3a1afd99aaf37e818bc921e3 files/70_mod_php5.conf-apache1 494
-RMD160 52b3137709eaa38a5a024d8d76f9970ca49b5485 files/70_mod_php5.conf-apache1 494
-SHA256 d6755b60c2d22b315e3affe501a5c4883180736d3b46839b89334a1123ecfe52 files/70_mod_php5.conf-apache1 494
-MD5 acdac68b3a1afd99aaf37e818bc921e3 files/70_mod_php5.conf-apache2 494
-RMD160 52b3137709eaa38a5a024d8d76f9970ca49b5485 files/70_mod_php5.conf-apache2 494
-SHA256 d6755b60c2d22b315e3affe501a5c4883180736d3b46839b89334a1123ecfe52 files/70_mod_php5.conf-apache2 494
+MD5 944386fd1bae4dd774ed4f86d997bc64 ChangeLog 19097
+RMD160 1d9555f6eec751f0d038381c3d8de619af6136c9 ChangeLog 19097
+SHA256 babfe2c96310e3355ac30d6cc61b77ccc604537681c3f4cc93837cb52e6429ea ChangeLog 19097
+MD5 3806f18d76cf4c3e05fd3ccd02f59f69 files/70_mod_php.conf-apache1 743
+RMD160 20d8a4c90c0e723e6796f93757ce5960774792c2 files/70_mod_php.conf-apache1 743
+SHA256 671c97ce7cb23b3062e01f6c713f817d50d6b6f1b1f388023e3012455b84968a files/70_mod_php.conf-apache1 743
+MD5 e7cd6529623bb119882418654cdc133e files/70_mod_php.conf-apache2 755
+RMD160 5528a3a3f02c0a1f3e5085890ba3cb817816cb36 files/70_mod_php.conf-apache2 755
+SHA256 765064e2290776699d0362b26b379e0a365528f52fe784a3d504af2414e251d1 files/70_mod_php.conf-apache2 755
+MD5 dfa073cfe1693267de99f237c4dd9396 files/70_mod_php5.conf-apache1 787
+RMD160 ff1aabd4df474f757491430b482a8e8bf8bc2a10 files/70_mod_php5.conf-apache1 787
+SHA256 612a5c844571369cbe49f9f8e2842cc32677d9de78c475a38f834a6b8714cb4a files/70_mod_php5.conf-apache1 787
+MD5 dfa073cfe1693267de99f237c4dd9396 files/70_mod_php5.conf-apache2 787
+RMD160 ff1aabd4df474f757491430b482a8e8bf8bc2a10 files/70_mod_php5.conf-apache2 787
+SHA256 612a5c844571369cbe49f9f8e2842cc32677d9de78c475a38f834a6b8714cb4a files/70_mod_php5.conf-apache2 787
  MD5 7ac3f86eb868abf5bcb23a3a758d82dc files/digest-php-4.3.11-r5 1093
  RMD160 4de7599dea4b17a9eaee8987512ca0d2ed596c69 files/digest-php-4.3.11-r5 1093
  SHA256 9476ccfbeb934abc7dc1973013e0dc5f185246168dbd6d668c88eb6bb5365494 files/digest-php-4.3.11-r5 1093
diff --git a/dev-lang/php/files/70_mod_php.conf-apache1 b/dev-lang/php/files/70_mod_php.conf-apache1

index 6d352b03b303d3084fcc6f7d74a3a61a8c0dc087..6540ac7f65b5484118a64d7ad7e4ef6297a6e25d 100644 (file)
--- a/dev-lang/php/files/70_mod_php.conf-apache1
+++ b/dev-lang/php/files/70_mod_php.conf-apache1
@@ -5,14 +5,26 @@
                 LoadModule php4_module    modules/libphp4.so
         </IfModule>
  
-       # Set it to handle the files
-       <IfModule mod_mime.c>
-               AddType application/x-httpd-php .php
-               AddType application/x-httpd-php .phtml
-               AddType application/x-httpd-php .php3
-               AddType application/x-httpd-php .php4
-               AddType application/x-httpd-php-source .phps
+       # If the module still isn't loaded, block access to PHP files
+       # Should help raise security, see bug #127645
+       <IfModule !mod_php4.c>
+               <Files ~ "\.ph(p|html|p3|p4)">
+                       Order Deny,Allow
+                       Deny from all
+               </Files>
+       </IfModule>
+
+       # Set it to handle the files, if it's loaded
+       <IfModule mod_php4.c>
+               <IfModule mod_mime.c>
+                       AddType application/x-httpd-php .php
+                       AddType application/x-httpd-php .phtml
+                       AddType application/x-httpd-php .php3
+                       AddType application/x-httpd-php .php4
+                       AddType application/x-httpd-php-source .phps
+               </IfModule>
         </IfModule>
  
         AddDirectoryIndex index.php index.phtml
+
  </IfDefine>
diff --git a/dev-lang/php/files/70_mod_php.conf-apache2 b/dev-lang/php/files/70_mod_php.conf-apache2

index d3ca2eaa00a0fbdcc068dd715159c8e3140d77f7..6b77e45db80a48159db7d60bbcd59d00e7c34ef5 100644 (file)
--- a/dev-lang/php/files/70_mod_php.conf-apache2
+++ b/dev-lang/php/files/70_mod_php.conf-apache2
@@ -5,14 +5,26 @@
                 LoadModule php4_module    modules/libphp4.so
         </IfModule>
  
-       # Set it to handle the files
-       <IfModule mod_mime.c>
-               AddType application/x-httpd-php .php
-               AddType application/x-httpd-php .phtml
-               AddType application/x-httpd-php .php3
-               AddType application/x-httpd-php .php4
-               AddType application/x-httpd-php-source .phps
+       # If the module still isn't loaded, block access to PHP files
+       # Should help raise security, see bug #127645
+       <IfModule !sapi_apache2.c>
+               <Files ~ "\.ph(p|html|p3|p4)">
+                       Order Deny,Allow
+                       Deny from all
+               </Files>
+       </IfModule>
+
+       # Set it to handle the files, if it's loaded
+       <IfModule sapi_apache2.c>
+               <IfModule mod_mime.c>
+                       AddType application/x-httpd-php .php
+                       AddType application/x-httpd-php .phtml
+                       AddType application/x-httpd-php .php3
+                       AddType application/x-httpd-php .php4
+                       AddType application/x-httpd-php-source .phps
+               </IfModule>
         </IfModule>
  
         AddDirectoryIndex index.php index.phtml
+
  </IfDefine>
diff --git a/dev-lang/php/files/70_mod_php5.conf-apache1 b/dev-lang/php/files/70_mod_php5.conf-apache1

index e7604dffb0428cb6e26bd03846115fc295f011f5..861c9414ca02e3e705b5a7bfe70c46e2927f1fb1 100644 (file)
--- a/dev-lang/php/files/70_mod_php5.conf-apache1
+++ b/dev-lang/php/files/70_mod_php5.conf-apache1
@@ -5,15 +5,27 @@
                 LoadModule php5_module    modules/libphp5.so
         </IfModule>
  
-       # Set it to handle the files
-       <IfModule mod_mime.c>
-               AddType application/x-httpd-php .php
-               AddType application/x-httpd-php .phtml
-               AddType application/x-httpd-php .php3
-               AddType application/x-httpd-php .php4
-               AddType application/x-httpd-php .php5
-               AddType application/x-httpd-php-source .phps
+       # If the module still isn't loaded, block access to PHP files
+       # Should help raise security, see bug #127645
+       <IfModule !mod_php5.c>
+               <Files ~ "\.ph(p|html|p3|p4|p5)">
+                       Order Deny,Allow
+                       Deny from all
+               </Files>
+       </IfModule>
+
+       # Set it to handle the files, if it's loaded
+       <IfModule mod_php5.c>
+               <IfModule mod_mime.c>
+                       AddType application/x-httpd-php .php
+                       AddType application/x-httpd-php .phtml
+                       AddType application/x-httpd-php .php3
+                       AddType application/x-httpd-php .php4
+                       AddType application/x-httpd-php .php5
+                       AddType application/x-httpd-php-source .phps
+               </IfModule>
         </IfModule>
  
         AddDirectoryIndex index.php index.phtml
+
  </IfDefine>
diff --git a/dev-lang/php/files/70_mod_php5.conf-apache2 b/dev-lang/php/files/70_mod_php5.conf-apache2

index e7604dffb0428cb6e26bd03846115fc295f011f5..861c9414ca02e3e705b5a7bfe70c46e2927f1fb1 100644 (file)
--- a/dev-lang/php/files/70_mod_php5.conf-apache2
+++ b/dev-lang/php/files/70_mod_php5.conf-apache2
@@ -5,15 +5,27 @@
                 LoadModule php5_module    modules/libphp5.so
         </IfModule>
  
-       # Set it to handle the files
-       <IfModule mod_mime.c>
-               AddType application/x-httpd-php .php
-               AddType application/x-httpd-php .phtml
-               AddType application/x-httpd-php .php3
-               AddType application/x-httpd-php .php4
-               AddType application/x-httpd-php .php5
-               AddType application/x-httpd-php-source .phps
+       # If the module still isn't loaded, block access to PHP files
+       # Should help raise security, see bug #127645
+       <IfModule !mod_php5.c>
+               <Files ~ "\.ph(p|html|p3|p4|p5)">
+                       Order Deny,Allow
+                       Deny from all
+               </Files>
+       </IfModule>
+
+       # Set it to handle the files, if it's loaded
+       <IfModule mod_php5.c>
+               <IfModule mod_mime.c>
+                       AddType application/x-httpd-php .php
+                       AddType application/x-httpd-php .phtml
+                       AddType application/x-httpd-php .php3
+                       AddType application/x-httpd-php .php4
+                       AddType application/x-httpd-php .php5
+                       AddType application/x-httpd-php-source .phps
+               </IfModule>
         </IfModule>
  
         AddDirectoryIndex index.php index.phtml
+
  </IfDefine>
author	Luca Longinotti <chtekk@gentoo.org>
	Tue, 28 Mar 2006 11:04:42 +0000 (11:04 +0000)
committer	Luca Longinotti <chtekk@gentoo.org>
	Tue, 28 Mar 2006 11:04:42 +0000 (11:04 +0000)
dev-lang/php/ChangeLog		patch \| blob \| history
dev-lang/php/Manifest		patch \| blob \| history
dev-lang/php/files/70_mod_php.conf-apache1		patch \| blob \| history
dev-lang/php/files/70_mod_php.conf-apache2		patch \| blob \| history
dev-lang/php/files/70_mod_php5.conf-apache1		patch \| blob \| history
dev-lang/php/files/70_mod_php5.conf-apache2		patch \| blob \| history