WordPress Upgrades: When defining the default filesystem permissions for files/directories, base the value on the existing ABSPATH & index.php file permissions - so as to respect the executable bit (if set) and not set global read if not required.

This sets a minimum permission set to 750 and 640 for directories and files, so any systems requring less permission than that will still need to define the constants themselves. Fixes #20069 git-svn-id: https://develop.svn.wordpress.org/trunk@25469 602fd350-edb4-49c9-b593-d223f7449a82
2013-09-17 08:05:23 +00:00 · 2013-09-17 08:05:23 +00:00 · ea24e2ce0d
parent ed8f918e4e
commit ea24e2ce0d
1 changed files with 2 additions and 2 deletions
--- a/src/wp-admin/includes/file.php
+++ b/src/wp-admin/includes/file.php
@ -802,9 +802,9 @@ function WP_Filesystem( $args = false, $context = false ) {

 	// Set the permission constants if not already set.
 	if ( ! defined('FS_CHMOD_DIR') )
-		define('FS_CHMOD_DIR', 0755 );
+		define('FS_CHMOD_DIR', ( fileperms( ABSPATH ) & 0777 | 0750 ) );
 	if ( ! defined('FS_CHMOD_FILE') )
-		define('FS_CHMOD_FILE', 0644 );
+		define('FS_CHMOD_FILE', ( fileperms( ABSPATH . 'index.php' ) & 0777 | 0640 ) );

 	return true;
 }