From 99c89bf880775aafc1d442149015963402811a9d Mon Sep 17 00:00:00 2001
From: maddinxx <maddinxx@ispconfig3>
Date: Thu, 16 Aug 2012 17:03:34 -0400
Subject: [PATCH] better security for auth.log file

---
 install/lib/installer_base.lib.php |    6 ++++--
 1 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/install/lib/installer_base.lib.php b/install/lib/installer_base.lib.php
index 1933db8..d0995e8 100644
--- a/install/lib/installer_base.lib.php
+++ b/install/lib/installer_base.lib.php
@@ -1957,9 +1957,11 @@
 			touch($conf['ispconfig_log_dir'].'/ispconfig.log');
 		}
 
-		//* Create the ispconfig auth log file
+		//* Create the ispconfig auth log file and set uid/gid
 		if(!is_file($conf['ispconfig_log_dir'].'/auth.log')) {
-			touch($conf['ispconfig_log_dir'].'/auth.log', 0666);
+			touch($conf['ispconfig_log_dir'].'/auth.log');
+			exec('chown ispconfig:ispconfig '. $conf['ispconfig_log_dir'].'/auth.log');
+			exec('chmod 660 '. $conf['ispconfig_log_dir'].'/auth.log');
 		}
 
 		if(is_user('getmail')) {

--
Gitblit v1.9.1