Opened 4 years ago

Closed 4 years ago

#31983 closed Cleanup/optimization (fixed)

Add a warning if the file system cache location is within the static or media roots

Reported by: christa
Owned by: christa
Component: Core (Cache system)
Version: dev
Severity: Normal
Keywords: cache check
Cc: Johannes Maron
Triage Stage: Ready for checkin
Has patch: yes
Needs documentation: no
Needs tests: no
Patch needs improvement: no
Easy pickings: yes
UI/UX: no

Description (last modified by Johannes Maron)

Hi,

I reported an issue regarding the file system cache location to the security team one month ago, and the conclusion is to check whether the file system cache's location is a subdirectory of a special location.

I wrote a check function and require a ticket to make a PR.
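An added example, not the patch attached to this ticket and not Django's own code: a standalone version of the kind of check the description asks for, comparing each file-based cache `LOCATION` against the static and media roots. The function names, the `base_dir` parameter and the sample paths are assumptions made for illustration; beyond the "inside" case named in the ticket title, it also reports a cache directory that equals or contains one of the roots.

```python
from pathlib import Path

FILE_BACKEND = "django.core.cache.backends.filebased.FileBasedCache"


def _relation(cache_dir, root):
    """Describe how cache_dir relates to root, or None if they are disjoint."""
    if cache_dir == root:
        return "matches"
    if root in cache_dir.parents:
        return "is inside"
    if cache_dir in root.parents:
        return "contains"
    return None


def check_cache_locations(caches, roots, base_dir="."):
    """Return one warning string per overlapping (cache alias, root) pair.

    caches is shaped like the CACHES setting; roots maps a setting name
    (MEDIA_ROOT, STATIC_ROOT) to its directory. base_dir is hypothetical.
    """
    base = Path(base_dir)
    warnings = []
    for alias, conf in caches.items():
        if conf.get("BACKEND") != FILE_BACKEND or not conf.get("LOCATION"):
            continue  # only file-based caches write to a directory
        # resolve() normalises ".." and follows symlinks that exist on disk
        cache_dir = (base / conf["LOCATION"]).resolve()
        for name, root in roots.items():
            if not root:
                continue  # unset root: nothing to compare against
            relation = _relation(cache_dir, (base / root).resolve())
            if relation:
                warnings.append(f"cache '{alias}': LOCATION {relation} {name}")
    return warnings


# Constructed sample settings, not taken from the ticket.
SAMPLE_CACHES = {
    "default": {"BACKEND": FILE_BACKEND, "LOCATION": "/srv/app/media/cache"},
    "pages": {"BACKEND": FILE_BACKEND, "LOCATION": "/srv/app"},
    "safe": {"BACKEND": FILE_BACKEND, "LOCATION": "/var/cache/app"},
    "mem": {"BACKEND": "django.core.cache.backends.locmem.LocMemCache"},
}
SAMPLE_ROOTS = {"MEDIA_ROOT": "/srv/app/media", "STATIC_ROOT": "/srv/app/static/../static"}

if __name__ == "__main__":
    print("\n".join(check_cache_locations(SAMPLE_CACHES, SAMPLE_ROOTS)))
```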

Change History (10)

comment:1 by Johannes Maron, 4 years ago

Cc: Johannes Maron added
Component: Testing framework → Core (Cache system)
Description: modified (diff)
Easy pickings: set
Needs documentation: set
Needs tests: set
Patch needs improvement: set
Summary: Add security check for cache location → Add a warning if the file system cache location is within the static or media roots
Triage Stage: Unreviewed → Accepted
Type: Uncategorized → Cleanup/optimization
Version: 3.1 → master

Hi there,

You are making an excellent point. Since this seems to be your first code contribution, I recommend checking out the contribution guidelines to get you kick-started.

Beyond that, I will do a review of your patch. Off the bat I can tell you that tests are missing. You will find examples for how to write a test by reviewing the tests for similar checks.

Let me know if you need any pointers.

Best,
Joe

comment:2 by Manav Agarwal, 4 years ago

May I work on this issue? If yes, please assign the same to me and also please provide some code pointers as well. :)


comment:3 by Bhavna, 4 years ago

Owner: changed from nobody to Bhavna
Status: new → assigned

comment:4 by Mariusz Felisiak, 4 years ago

Owner: changed from Bhavna to christa

PR

Bhavna, patch is already prepared.

comment:5 by Johannes Maron, 4 years ago

Needs tests: unset

comment:6 by Johannes Maron, 4 years ago

Needs documentation: unset
Patch needs improvement: unset
Triage Stage: Accepted → Ready for checkin

comment:7 by Mariusz Felisiak, 4 years ago

Patch needs improvement: set
Triage Stage: Ready for checkin → Accepted

comment:8 by Jacob Walls, 4 years ago

Patch needs improvement: unset

Author updated patch.

comment:9 by Carlton Gibson, 4 years ago

Triage Stage: Accepted → Ready for checkin

comment:10 by Mariusz Felisiak <felisiak.mariusz@…>, 4 years ago

Resolution: fixed
Status: assigned → closed

In c36075a:

Fixed #31983 -- Added system check for file system caches location.

Thanks Johannes Maron and Nick Pope for reviews.
