Translating Moodle: [AMOS commit] MDL-59969 admin: Warn admins if a development libs directory exists Committed into Git: 2017-08-29 17:01 UTC

[AMOS commit] MDL-59969 admin: Warn admins if a development libs directory exists Committed into Git: 2017-08-29 17:01 UTC

by AMOS bot - Friday, 15 September 2017, 6:22 PM

Author: David Mudrák
MDL-59969 admin: Warn admins if a development libs directory exists
We can't really control the direct web access to directories in dirroot,
that is part of the server setup. So we at least warn admins as they may
not realize the risks of having directories like vendor or node_modules
exposed.

Credit goes to Petr Škoda for mentioning the PHPUnit issue CVE-2017-9841
to me.

http://git.moodle.org/gw?p=moodle.git;a=commit;h=26663756fbf9efed48d70ddc61992edeb4567fd9
http://github.com/moodle/moodle/commit/26663756fbf9efed48d70ddc61992edeb4567fd9

+ 3.1 en [devlibdirpresent,core_admin]
+ 3.1 en [check_nodemodules_details,report_security]
+ 3.1 en [check_nodemodules_info,report_security]
+ 3.1 en [check_nodemodules_name,report_security]
+ 3.1 en [check_vendordir_details,report_security]
+ 3.1 en [check_vendordir_info,report_security]
+ 3.1 en [check_vendordir_name,report_security]

Notification of string changes

[AMOS commit] MDL-59969 admin: Warn admins if a development libs directory exists Committed into Git: 2017-08-29 17:01 UTC

[AMOS commit] MDL-59969 admin: Warn admins if a development libs directory exists Committed into Git: 2017-08-29 17:01 UTC

Empowering educators to improve our world

Moodle

Support

Get Involved

Contributions

Downloads

Tracker

Development

Empowering educators to improve our world