github/vesta
1
0
Fork 0
mirror of https://github.com/serghey-rodin/vesta.git synced 2025-08-14 10:37:39 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Restrict v-make-tmp-file to tmp folder

Browse source
This commit is contained in:
Anton Reutov 2021-07-27 14:42:25 +03:00 committed by GitHub
commit ea1e22613e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
web/api/index.php
View file

@ -104,7 +104,7 @@ if (isset($_POST['user']) || isset($_POST['hash'])) {
// Check command
if ($cmd == "'v-make-tmp-file'") {
// Used in DNS Cluster
$fp = fopen($_POST['arg2'], 'w');
$fp = fopen('/tmp/'.basename($_POST['arg2']), 'w');
fwrite($fp, $_POST['arg1']."\n");
fclose($fp);
$return_var = 0;