function security_review_check_private_files in Security Review 6

Same name and namespace in other branches
  1. 7 security_review.inc \security_review_check_private_files()

If private files is enabled check that the directory is not under the web root.

There is ample room for the user to get around this check. @TODO get more sophisticated?

1 string reference to 'security_review_check_private_files'
_security_review_security_checks in ./security_review.inc
Checks for security_review_security_checks() or security_review_get_checks().

File

./security_review.inc, line 387
Stand-alone security checks and review system.

Code

function security_review_check_private_files() {
  $file_downloads = variable_get('file_downloads', FILE_DOWNLOADS_PUBLIC);
  if ($file_downloads == FILE_DOWNLOADS_PRIVATE) {
    $file_directory_path = file_directory_path();
    if (strpos($file_directory_path, '/') === 0) {
      // Path begins at root.
      $result = TRUE;
    }
    elseif (strpos($file_directory_path, '../') === 0) {
      // Path begins by moving up the system.
      $result = FALSE;
    }
    else {
      // Directory is relative (or crafty).
      $result = FALSE;
    }
  }
  else {
    // Private downloads are not in use, so the check does not apply.
    $result = NULL;
  }
  return array(
    'result' => $result,
  );
}
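The check above only looks at the first characters of the configured directory, which is the "ample room" the @TODO refers to: any absolute path passes, even one inside the web root. The following is an added example, not code from the Security Review module, showing a stricter variant that normalises the path against the web root; `$webroot` is an assumed input standing for the Drupal root, and the `example_*` function names are hypothetical. A `../` path is resolved to where it actually lands rather than rejected outright as the module does.

```php
<?php
// Added example, not code from the Security Review module: a stricter
// variant of the check above that normalises the configured directory
// against the web root instead of inspecting its first characters.
// $webroot is an assumed input standing for the Drupal/document root.

// Lexically normalise a path: drop '.' and empty segments, resolve '..',
// anchor relative paths at $base. No filesystem access (cannot see symlinks).
function _example_normalize_path($path, $base) {
  if (strpos($path, '/') !== 0) {
    $path = rtrim($base, '/') . '/' . $path;
  }
  $out = array();
  foreach (explode('/', $path) as $segment) {
    if ($segment === '' || $segment === '.') {
      continue;
    }
    if ($segment === '..') {
      array_pop($out);
      continue;
    }
    $out[] = $segment;
  }
  return '/' . implode('/', $out);
}

// TRUE when the private files directory resolves to a location that is
// neither the web root nor beneath it.
function example_private_files_outside_webroot($file_directory_path, $webroot) {
  $root = _example_normalize_path($webroot, '/');
  $dir = _example_normalize_path($file_directory_path, $root);
  // Compare whole segments so '/var/www/html-private' is not taken for a
  // child of '/var/www/html'.
  $prefix = ($root === '/') ? '/' : $root . '/';
  return $dir !== $root && strpos($dir . '/', $prefix) !== 0;
}

// Constructed sample values: an absolute path outside the root, an absolute
// path that begins with '/' yet sits inside the root (so it passes the
// module's prefix test), a '../' path and a plain relative path.
$webroot = '/var/www/html';
$candidates = array('/var/private', '/var/www/html/sites/default/files/private',
  '../private', 'sites/default/files/private');
foreach ($candidates as $candidate) {
  printf("%-45s prefix test: %-4s resolved: %s\n", $candidate,
    strpos($candidate, '/') === 0 ? 'pass' : 'fail',
    example_private_files_outside_webroot($candidate, $webroot) ? 'outside' : 'inside');
}
```

The "prefix test" column reproduces the module's own decision for each candidate, so the second row shows the case the original check gets wrong. Lexical normalisation cannot follow symlinks; on a live server, `realpath()` on both directories gives the physical locations.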