From ea24e2ce0df08c5e9c099bce90c0cb0ca2b56e1c Mon Sep 17 00:00:00 2001 From: Dion Hulse Date: Tue, 17 Sep 2013 08:05:23 +0000 Subject: [PATCH] WordPress Upgrades: When defining the default filesystem permissions for files/directories, base the value on the existing ABSPATH & index.php file permissions - so as to respect the executable bit (if set) and not set global read if not required. This sets a minimum permission set to 750 and 640 for directories and files, so any systems requring less permission than that will still need to define the constants themselves. Fixes #20069 git-svn-id: https://develop.svn.wordpress.org/trunk@25469 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-admin/includes/file.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/wp-admin/includes/file.php b/src/wp-admin/includes/file.php index 484a191022..b4ee8ec105 100644 --- a/src/wp-admin/includes/file.php +++ b/src/wp-admin/includes/file.php @@ -802,9 +802,9 @@ function WP_Filesystem( $args = false, $context = false ) { // Set the permission constants if not already set. if ( ! defined('FS_CHMOD_DIR') ) - define('FS_CHMOD_DIR', 0755 ); + define('FS_CHMOD_DIR', ( fileperms( ABSPATH ) & 0777 | 0750 ) ); if ( ! defined('FS_CHMOD_FILE') ) - define('FS_CHMOD_FILE', 0644 ); + define('FS_CHMOD_FILE', ( fileperms( ABSPATH . 'index.php' ) & 0777 | 0640 ) ); return true; }