projects / moodle.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a39d297) | patch
MDL-59969 admin: Warn admins if a development libs directory exists
authorDavid Mudrák <david@moodle.com>
Tue, 29 Aug 2017 17:01:40 +0000 (19:01 +0200)
committerDavid Monllao <davidm@moodle.com>
Thu, 7 Sep 2017 08:53:35 +0000 (10:53 +0200)
commit911fcae89595200d4a48bc6dc6bc1bd9b73c694b
treebaca7f2c731fed58ab247a499b30a788471e8849tree | snapshot
parenta39d2976fe5e91da7a28a8512d5b94d4a27067b8commit | diff
MDL-59969 admin: Warn admins if a development libs directory exists

We can't really control the direct web access to directories in dirroot,
that is part of the server setup. So we at least warn admins as they may
not realize the risks of having directories like vendor or node_modules
exposed.

Credit goes to Petr Škoda for mentioning the PHPUnit issue CVE-2017-9841
to me.
admin/index.php diff | blob | blame | history
admin/renderer.php diff | blob | blame | history
lang/en/admin.php diff | blob | blame | history
report/security/lang/en/report_security.php diff | blob | blame | history
report/security/locallib.php diff | blob | blame | history
Moodle official production repository