-
-
Save beberlei/dc6e4b018988cba7e211 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
commit f25c8aab83e0c3e976fd7d19875f198ccf2f7535 | |
Author: Benjamin Eberlei <kontakt@beberlei.de> | |
Date: Mon Aug 31 13:54:27 2015 +0200 | |
[DCOM-293] Fix security misconfiguration vulnerability that can allow local arbitrary code execution. | |
diff --git a/lib/Doctrine/Common/Annotations/FileCacheReader.php b/lib/Doctrine/Common/Annotations/FileCacheReader.php | |
index 2acfa31..24add1b 100644 | |
--- a/lib/Doctrine/Common/Annotations/FileCacheReader.php | |
+++ b/lib/Doctrine/Common/Annotations/FileCacheReader.php | |
@@ -57,6 +57,11 @@ class FileCacheReader implements Reader | |
private $classNameHashes = array(); | |
/** | |
+ * @var int | |
+ */ | |
+ private $umask; | |
+ | |
+ /** | |
* Constructor. | |
* | |
* @param Reader $reader | |
@@ -65,10 +70,19 @@ class FileCacheReader implements Reader | |
* | |
* @throws \InvalidArgumentException | |
*/ | |
- public function __construct(Reader $reader, $cacheDir, $debug = false) | |
+ public function __construct(Reader $reader, $cacheDir, $debug = false, $umask = 0002) | |
{ | |
+ if ( ! is_int($umask)) { | |
+ throw new \InvalidArgumentException(sprintf( | |
+ 'The parameter umask must be an integer, was: %s', | |
+ gettype($umask) | |
+ )); | |
+ } | |
+ | |
$this->reader = $reader; | |
- if (!is_dir($cacheDir) && !@mkdir($cacheDir, 0777, true)) { | |
+ $this->umask = $umask; | |
+ | |
+ if (!is_dir($cacheDir) && !@mkdir($cacheDir, 0777 & (~$this->umask), true)) { | |
throw new \InvalidArgumentException(sprintf('The directory "%s" does not exist and could not be created.', $cacheDir)); | |
} | |
@@ -206,12 +220,12 @@ class FileCacheReader implements Reader | |
throw new \RuntimeException(sprintf('Unable to write cached file to: %s', $tempfile)); | |
} | |
+ @chmod($tempfile, 0666 & (~$this->umask)); | |
+ | |
if (false === rename($tempfile, $path)) { | |
@unlink($tempfile); | |
throw new \RuntimeException(sprintf('Unable to rename %s to %s', $tempfile, $path)); | |
} | |
- | |
- @chmod($path, 0666 & ~umask()); | |
} | |
/** |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
commit 5d9340412c24706f9ac5cd34a58e91592f2ce130 | |
Author: Benjamin Eberlei <kontakt@beberlei.de> | |
Date: Wed Aug 12 09:53:11 2015 +0200 | |
[DCOM-293] Fix privilege escalaction security vulnerability in PhpFileCache. | |
diff --git a/lib/Doctrine/Common/Cache/FileCache.php b/lib/Doctrine/Common/Cache/FileCache.php | |
index 651b3fb..9ad3ce2 100644 | |
--- a/lib/Doctrine/Common/Cache/FileCache.php | |
+++ b/lib/Doctrine/Common/Cache/FileCache.php | |
@@ -55,6 +55,11 @@ abstract class FileCache extends CacheProvider | |
private $replacementCharacters = array('__', '-'); | |
/** | |
+ * @var int | |
+ */ | |
+ private $umask; | |
+ | |
+ /** | |
* Constructor. | |
* | |
* @param string $directory The cache directory. | |
@@ -62,8 +67,17 @@ abstract class FileCache extends CacheProvider | |
* | |
* @throws \InvalidArgumentException | |
*/ | |
- public function __construct($directory, $extension = '') | |
+ public function __construct($directory, $extension = '', $umask = 0002) | |
{ | |
+ // YES, this needs to be *before* createPathIfNeeded() | |
+ if ( ! is_int($umask)) { | |
+ throw new \InvalidArgumentException(sprintf( | |
+ 'The umask parameter is required to be integer, was: %s', | |
+ gettype($umask) | |
+ )); | |
+ } | |
+ $this->umask = $umask; | |
+ | |
if ( ! $this->createPathIfNeeded($directory)) { | |
throw new \InvalidArgumentException(sprintf( | |
'The directory "%s" does not exist and could not be created.', | |
@@ -78,6 +92,7 @@ abstract class FileCache extends CacheProvider | |
)); | |
} | |
+ // YES, this needs to be *after* createPathIfNeeded() | |
$this->directory = realpath($directory); | |
$this->extension = (string) $extension; | |
} | |
@@ -167,7 +182,7 @@ abstract class FileCache extends CacheProvider | |
private function createPathIfNeeded($path) | |
{ | |
if ( ! is_dir($path)) { | |
- if (false === @mkdir($path, 0777, true) && !is_dir($path)) { | |
+ if (false === @mkdir($path, 0777 & (~$this->umask), true) && !is_dir($path)) { | |
return false; | |
} | |
} | |
@@ -196,11 +211,10 @@ abstract class FileCache extends CacheProvider | |
} | |
$tmpFile = tempnam($filepath, 'swap'); | |
+ @chmod($tmpFile, 0666 & (~$this->umask)); | |
if (file_put_contents($tmpFile, $content) !== false) { | |
if (@rename($tmpFile, $filename)) { | |
- @chmod($filename, 0666 & ~umask()); | |
- | |
return true; | |
} | |
diff --git a/lib/Doctrine/Common/Cache/FilesystemCache.php b/lib/Doctrine/Common/Cache/FilesystemCache.php | |
index 6b44aa0..29d5e07 100644 | |
--- a/lib/Doctrine/Common/Cache/FilesystemCache.php | |
+++ b/lib/Doctrine/Common/Cache/FilesystemCache.php | |
@@ -32,9 +32,9 @@ class FilesystemCache extends FileCache | |
/** | |
* {@inheritdoc} | |
*/ | |
- public function __construct($directory, $extension = self::EXTENSION) | |
+ public function __construct($directory, $extension = self::EXTENSION, $umask = 0002) | |
{ | |
- parent::__construct($directory, $extension); | |
+ parent::__construct($directory, $extension, $umask); | |
} | |
/** | |
diff --git a/lib/Doctrine/Common/Cache/PhpFileCache.php b/lib/Doctrine/Common/Cache/PhpFileCache.php | |
index 12dda5a..5e75196 100644 | |
--- a/lib/Doctrine/Common/Cache/PhpFileCache.php | |
+++ b/lib/Doctrine/Common/Cache/PhpFileCache.php | |
@@ -32,9 +32,9 @@ class PhpFileCache extends FileCache | |
/** | |
* {@inheritdoc} | |
*/ | |
- public function __construct($directory, $extension = self::EXTENSION) | |
+ public function __construct($directory, $extension = self::EXTENSION, $umask = 0002) | |
{ | |
- parent::__construct($directory, $extension); | |
+ parent::__construct($directory, $extension, $umask); | |
} | |
/** |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
commit b3ae747e4e63d8785b745762830850160eac2ab4 | |
Author: Benjamin Eberlei <kontakt@beberlei.de> | |
Date: Mon Aug 31 14:20:35 2015 +0200 | |
[DCOM-293] Fix security misconfiguration vulnerability that can lead to local arbitrary code execution. | |
diff --git a/lib/Doctrine/Common/Proxy/ProxyGenerator.php b/lib/Doctrine/Common/Proxy/ProxyGenerator.php | |
index 4c5a239..3941f17 100644 | |
--- a/lib/Doctrine/Common/Proxy/ProxyGenerator.php | |
+++ b/lib/Doctrine/Common/Proxy/ProxyGenerator.php | |
@@ -302,6 +302,7 @@ class <proxyShortClassName> extends \<className> implements \<baseProxyInterface | |
$tmpFileName = $fileName . '.' . uniqid('', true); | |
file_put_contents($tmpFileName, $proxyCode); | |
+ chmod($tmpFileName, 0664); | |
rename($tmpFileName, $fileName); | |
} | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
From ff2324a76bacfdf30a2fa0343cbc46718ee21381 Mon Sep 17 00:00:00 2001 | |
From: Maciej Malarz <malarzm@gmail.com> | |
Date: Mon, 31 Aug 2015 14:22:13 +0200 | |
Subject: [PATCH] Fix security misconfiguration vulnerability allowing local | |
remote arbitrary code execution. | |
--- | |
.../ODM/MongoDB/Hydrator/HydratorFactory.php | 1 + | |
.../Console/Command/GenerateHydratorsCommand.php | 2 +- | |
.../Console/Command/GenerateProxiesCommand.php | 2 +- | |
.../ODM/MongoDB/Tools/DocumentGenerator.php | 3 ++- | |
.../MongoDB/Tools/DocumentRepositoryGenerator.php | 3 ++- | |
.../Tests/Mapping/Symfony/AbstractDriverTest.php | 2 +- | |
6 files changed, 8 insertions(+), 5 deletions(-) | |
diff --git a/lib/Doctrine/ODM/MongoDB/Hydrator/HydratorFactory.php b/lib/Doctrine/ODM/MongoDB/Hydrator/HydratorFactory.php | |
index d6b13a0..ccda5bb 100644 | |
--- a/lib/Doctrine/ODM/MongoDB/Hydrator/HydratorFactory.php | |
+++ b/lib/Doctrine/ODM/MongoDB/Hydrator/HydratorFactory.php | |
@@ -414,6 +414,7 @@ EOF | |
$tmpFileName = $fileName . '.' . uniqid('', true); | |
file_put_contents($tmpFileName, $code); | |
rename($tmpFileName, $fileName); | |
+ chmod($fileName, 0664); | |
} | |
} | |
diff --git a/lib/Doctrine/ODM/MongoDB/Tools/Console/Command/GenerateHydratorsCommand.php b/lib/Doctrine/ODM/MongoDB/Tools/Console/Command/GenerateHydratorsCommand.php | |
index 1656532..4938152 100644 | |
--- a/lib/Doctrine/ODM/MongoDB/Tools/Console/Command/GenerateHydratorsCommand.php | |
+++ b/lib/Doctrine/ODM/MongoDB/Tools/Console/Command/GenerateHydratorsCommand.php | |
@@ -75,7 +75,7 @@ EOT | |
} | |
if ( ! is_dir($destPath)) { | |
- mkdir($destPath, 0777, true); | |
+ mkdir($destPath, 0775, true); | |
} | |
$destPath = realpath($destPath); | |
diff --git a/lib/Doctrine/ODM/MongoDB/Tools/Console/Command/GenerateProxiesCommand.php b/lib/Doctrine/ODM/MongoDB/Tools/Console/Command/GenerateProxiesCommand.php | |
index 8b92fae..79a200e 100644 | |
--- a/lib/Doctrine/ODM/MongoDB/Tools/Console/Command/GenerateProxiesCommand.php | |
+++ b/lib/Doctrine/ODM/MongoDB/Tools/Console/Command/GenerateProxiesCommand.php | |
@@ -75,7 +75,7 @@ EOT | |
} | |
if ( ! is_dir($destPath)) { | |
- mkdir($destPath, 0777, true); | |
+ mkdir($destPath, 0775, true); | |
} | |
$destPath = realpath($destPath); | |
diff --git a/lib/Doctrine/ODM/MongoDB/Tools/DocumentGenerator.php b/lib/Doctrine/ODM/MongoDB/Tools/DocumentGenerator.php | |
index ea02858..de3f1e3 100644 | |
--- a/lib/Doctrine/ODM/MongoDB/Tools/DocumentGenerator.php | |
+++ b/lib/Doctrine/ODM/MongoDB/Tools/DocumentGenerator.php | |
@@ -179,7 +179,7 @@ public function <methodName>() | |
$dir = dirname($path); | |
if ( ! is_dir($dir)) { | |
- mkdir($dir, 0777, true); | |
+ mkdir($dir, 0775, true); | |
} | |
$this->isNew = ! file_exists($path) || (file_exists($path) && $this->regenerateDocumentIfExists); | |
@@ -203,6 +203,7 @@ public function <methodName>() | |
} elseif ( ! $this->isNew && $this->updateDocumentIfExists) { | |
file_put_contents($path, $this->generateUpdatedDocumentClass($metadata, $path)); | |
} | |
+ chmod($path, 0664); | |
} | |
/** | |
diff --git a/lib/Doctrine/ODM/MongoDB/Tools/DocumentRepositoryGenerator.php b/lib/Doctrine/ODM/MongoDB/Tools/DocumentRepositoryGenerator.php | |
index a90c9e9..24da291 100644 | |
--- a/lib/Doctrine/ODM/MongoDB/Tools/DocumentRepositoryGenerator.php | |
+++ b/lib/Doctrine/ODM/MongoDB/Tools/DocumentRepositoryGenerator.php | |
@@ -76,11 +76,12 @@ class <className> extends DocumentRepository | |
$dir = dirname($path); | |
if ( ! is_dir($dir)) { | |
- mkdir($dir, 0777, true); | |
+ mkdir($dir, 0775, true); | |
} | |
if ( ! file_exists($path)) { | |
file_put_contents($path, $code); | |
+ chmod($path, 0664); | |
} | |
} | |
} | |
diff --git a/tests/Doctrine/ODM/MongoDB/Tests/Mapping/Symfony/AbstractDriverTest.php b/tests/Doctrine/ODM/MongoDB/Tests/Mapping/Symfony/AbstractDriverTest.php | |
index 2b6d7a5..eaa7323 100644 | |
--- a/tests/Doctrine/ODM/MongoDB/Tests/Mapping/Symfony/AbstractDriverTest.php | |
+++ b/tests/Doctrine/ODM/MongoDB/Tests/Mapping/Symfony/AbstractDriverTest.php | |
@@ -76,7 +76,7 @@ abstract class AbstractDriverTest extends \PHPUnit_Framework_TestCase | |
protected function setUp() | |
{ | |
$this->dir = sys_get_temp_dir().'/abstract_driver_test'; | |
- @mkdir($this->dir, 0777, true); | |
+ @mkdir($this->dir, 0775, true); | |
} | |
protected function tearDown() | |
-- | |
1.7.9.5 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
From 42565f1511d0cae687319e0479b9628aa963589c Mon Sep 17 00:00:00 2001 | |
From: Maciej Malarz <mpmalarz@exhibit-e.com> | |
Date: Mon, 31 Aug 2015 14:34:24 +0200 | |
Subject: [PATCH] Fix security misconfiguration vulnerability allowing local | |
remote arbitrary code execution. | |
--- | |
CacheWarmer/HydratorCacheWarmer.php | 2 +- | |
CacheWarmer/ProxyCacheWarmer.php | 2 +- | |
.../Compiler/CreateHydratorDirectoryPass.php | 2 +- | |
.../Compiler/CreateProxyDirectoryPass.php | 2 +- | |
4 files changed, 4 insertions(+), 4 deletions(-) | |
diff --git a/CacheWarmer/HydratorCacheWarmer.php b/CacheWarmer/HydratorCacheWarmer.php | |
index c0409c8..343aba5 100644 | |
--- a/CacheWarmer/HydratorCacheWarmer.php | |
+++ b/CacheWarmer/HydratorCacheWarmer.php | |
@@ -56,7 +56,7 @@ class HydratorCacheWarmer implements CacheWarmerInterface | |
// we need the directory no matter the hydrator cache generation strategy. | |
$hydratorCacheDir = $this->container->getParameter('doctrine_mongodb.odm.hydrator_dir'); | |
if (!file_exists($hydratorCacheDir)) { | |
- if (false === @mkdir($hydratorCacheDir, 0777, true)) { | |
+ if (false === @mkdir($hydratorCacheDir, 0775, true)) { | |
throw new \RuntimeException(sprintf('Unable to create the Doctrine Hydrator directory (%s)', dirname($hydratorCacheDir))); | |
} | |
} else if (!is_writable($hydratorCacheDir)) { | |
diff --git a/CacheWarmer/ProxyCacheWarmer.php b/CacheWarmer/ProxyCacheWarmer.php | |
index 7be81f4..e747c68 100644 | |
--- a/CacheWarmer/ProxyCacheWarmer.php | |
+++ b/CacheWarmer/ProxyCacheWarmer.php | |
@@ -56,7 +56,7 @@ class ProxyCacheWarmer implements CacheWarmerInterface | |
// we need the directory no matter the proxy cache generation strategy. | |
$proxyCacheDir = $this->container->getParameter('doctrine_mongodb.odm.proxy_dir'); | |
if (!file_exists($proxyCacheDir)) { | |
- if (false === @mkdir($proxyCacheDir, 0777, true)) { | |
+ if (false === @mkdir($proxyCacheDir, 0775, true)) { | |
throw new \RuntimeException(sprintf('Unable to create the Doctrine Proxy directory (%s)', dirname($proxyCacheDir))); | |
} | |
} else if (!is_writable($proxyCacheDir)) { | |
diff --git a/DependencyInjection/Compiler/CreateHydratorDirectoryPass.php b/DependencyInjection/Compiler/CreateHydratorDirectoryPass.php | |
index 3d79d30..c43e54b 100644 | |
--- a/DependencyInjection/Compiler/CreateHydratorDirectoryPass.php | |
+++ b/DependencyInjection/Compiler/CreateHydratorDirectoryPass.php | |
@@ -31,7 +31,7 @@ class CreateHydratorDirectoryPass implements CompilerPassInterface | |
// Create document proxy directory | |
$hydratorCacheDir = $container->getParameter('doctrine_mongodb.odm.hydrator_dir'); | |
if (!is_dir($hydratorCacheDir)) { | |
- if (false === @mkdir($hydratorCacheDir, 0777, true)) { | |
+ if (false === @mkdir($hydratorCacheDir, 0775, true)) { | |
exit(sprintf('Unable to create the Doctrine Hydrator directory (%s)', dirname($hydratorCacheDir))); | |
} | |
} elseif (!is_writable($hydratorCacheDir)) { | |
diff --git a/DependencyInjection/Compiler/CreateProxyDirectoryPass.php b/DependencyInjection/Compiler/CreateProxyDirectoryPass.php | |
index 2bc9830..2236c53 100644 | |
--- a/DependencyInjection/Compiler/CreateProxyDirectoryPass.php | |
+++ b/DependencyInjection/Compiler/CreateProxyDirectoryPass.php | |
@@ -31,7 +31,7 @@ class CreateProxyDirectoryPass implements CompilerPassInterface | |
// Create document proxy directory | |
$proxyCacheDir = $container->getParameter('doctrine_mongodb.odm.proxy_dir'); | |
if (!is_dir($proxyCacheDir)) { | |
- if (false === @mkdir($proxyCacheDir, 0777, true)) { | |
+ if (false === @mkdir($proxyCacheDir, 0775, true)) { | |
exit(sprintf('Unable to create the Doctrine Proxy directory (%s)', dirname($proxyCacheDir))); | |
} | |
} elseif (!is_writable($proxyCacheDir)) { | |
-- | |
1.7.9.5 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
commit 2b3648c725f82efc1f1b12e8e3e35c76df990b58 | |
Author: Benjamin Eberlei <kontakt@beberlei.de> | |
Date: Mon Aug 31 13:57:29 2015 +0200 | |
[DCOM-293] Fix security misconfiguration vulnerability allowing local remote arbitrary code execution. | |
diff --git a/lib/Doctrine/ORM/Cache/Region/FileLockRegion.php b/lib/Doctrine/ORM/Cache/Region/FileLockRegion.php | |
index 69167bc..d8d4b26 100644 | |
--- a/lib/Doctrine/ORM/Cache/Region/FileLockRegion.php | |
+++ b/lib/Doctrine/ORM/Cache/Region/FileLockRegion.php | |
@@ -61,7 +61,7 @@ class FileLockRegion implements ConcurrentRegion | |
*/ | |
public function __construct(Region $region, $directory, $lockLifetime) | |
{ | |
- if ( ! is_dir($directory) && ! @mkdir($directory, 0777, true)) { | |
+ if ( ! is_dir($directory) && ! @mkdir($directory, 0775, true)) { | |
throw new \InvalidArgumentException(sprintf('The directory "%s" does not exist and could not be created.', $directory)); | |
} | |
@@ -242,6 +242,7 @@ class FileLockRegion implements ConcurrentRegion | |
if ( ! @file_put_contents($filename, $lock->value, LOCK_EX)) { | |
return null; | |
} | |
+ chmod($filename, 0664); | |
return $lock; | |
} | |
diff --git a/lib/Doctrine/ORM/Tools/Console/Command/ConvertMappingCommand.php b/lib/Doctrine/ORM/Tools/Console/Command/ConvertMappingCommand.php | |
index 1f97a50..b229f4a 100644 | |
--- a/lib/Doctrine/ORM/Tools/Console/Command/ConvertMappingCommand.php | |
+++ b/lib/Doctrine/ORM/Tools/Console/Command/ConvertMappingCommand.php | |
@@ -137,7 +137,7 @@ EOT | |
// Process destination directory | |
if ( ! is_dir($destPath = $input->getArgument('dest-path'))) { | |
- mkdir($destPath, 0777, true); | |
+ mkdir($destPath, 0775, true); | |
} | |
$destPath = realpath($destPath); | |
diff --git a/lib/Doctrine/ORM/Tools/Console/Command/GenerateProxiesCommand.php b/lib/Doctrine/ORM/Tools/Console/Command/GenerateProxiesCommand.php | |
index 5221187..21edb9d 100644 | |
--- a/lib/Doctrine/ORM/Tools/Console/Command/GenerateProxiesCommand.php | |
+++ b/lib/Doctrine/ORM/Tools/Console/Command/GenerateProxiesCommand.php | |
@@ -79,7 +79,7 @@ EOT | |
} | |
if ( ! is_dir($destPath)) { | |
- mkdir($destPath, 0777, true); | |
+ mkdir($destPath, 0775, true); | |
} | |
$destPath = realpath($destPath); | |
diff --git a/lib/Doctrine/ORM/Tools/EntityGenerator.php b/lib/Doctrine/ORM/Tools/EntityGenerator.php | |
index ec83c4e..9027d9a 100644 | |
--- a/lib/Doctrine/ORM/Tools/EntityGenerator.php | |
+++ b/lib/Doctrine/ORM/Tools/EntityGenerator.php | |
@@ -364,7 +364,7 @@ public function __construct(<params>) | |
$dir = dirname($path); | |
if ( ! is_dir($dir)) { | |
- mkdir($dir, 0777, true); | |
+ mkdir($dir, 0775, true); | |
} | |
$this->isNew = !file_exists($path) || (file_exists($path) && $this->regenerateEntityIfExists); | |
@@ -389,6 +389,7 @@ public function __construct(<params>) | |
} elseif ( ! $this->isNew && $this->updateEntityIfExists) { | |
file_put_contents($path, $this->generateUpdatedEntityClass($metadata, $path)); | |
} | |
+ chmod($path, 0664); | |
} | |
/** | |
diff --git a/lib/Doctrine/ORM/Tools/EntityRepositoryGenerator.php b/lib/Doctrine/ORM/Tools/EntityRepositoryGenerator.php | |
index f94292a..f431588 100644 | |
--- a/lib/Doctrine/ORM/Tools/EntityRepositoryGenerator.php | |
+++ b/lib/Doctrine/ORM/Tools/EntityRepositoryGenerator.php | |
@@ -147,11 +147,12 @@ class <className> extends <repositoryName> | |
$dir = dirname($path); | |
if ( ! is_dir($dir)) { | |
- mkdir($dir, 0777, true); | |
+ mkdir($dir, 0775, true); | |
} | |
if ( ! file_exists($path)) { | |
file_put_contents($path, $code); | |
+ chmod($path, 0664); | |
} | |
} | |
diff --git a/lib/Doctrine/ORM/Tools/Export/Driver/AbstractExporter.php b/lib/Doctrine/ORM/Tools/Export/Driver/AbstractExporter.php | |
index 3e96af8..b2ed435 100644 | |
--- a/lib/Doctrine/ORM/Tools/Export/Driver/AbstractExporter.php | |
+++ b/lib/Doctrine/ORM/Tools/Export/Driver/AbstractExporter.php | |
@@ -130,7 +130,7 @@ abstract class AbstractExporter | |
public function export() | |
{ | |
if ( ! is_dir($this->_outputDir)) { | |
- mkdir($this->_outputDir, 0777, true); | |
+ mkdir($this->_outputDir, 0775, true); | |
} | |
foreach ($this->_metadata as $metadata) { | |
@@ -139,12 +139,13 @@ abstract class AbstractExporter | |
$path = $this->_generateOutputPath($metadata); | |
$dir = dirname($path); | |
if ( ! is_dir($dir)) { | |
- mkdir($dir, 0777, true); | |
+ mkdir($dir, 0775, true); | |
} | |
if (file_exists($path) && !$this->_overwriteExistingFiles) { | |
throw ExportException::attemptOverwriteExistingFile($path); | |
} | |
file_put_contents($path, $output); | |
+ chmod($path, 0664); | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment