Home Explore Help
Sign In
joker
/
composer
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Make sure the global config file is only readable by the owner

Jordi Boggiano 12 years ago
parent
7aab7c6297
commit
c53729793b
2 changed files with 7 additions and 0 deletions
Split View Show Diff Stats
  1. 1 0
      src/Composer/Command/ConfigCommand.php
  2. 6 0
      src/Composer/Config/JsonConfigSource.php

+ 1 - 0
src/Composer/Command/ConfigCommand.php
View File 

@@ -110,6 +110,7 @@ EOT
 
         if ($input->getOption('global') && !$this->configFile->exists()) {
 
             touch($this->configFile->getPath());
 
             $this->configFile->write(array('config' => new \ArrayObject));
 
+            chmod($this->configFile->getPath(), 0600);
 
         }
 
 
         if (!$this->configFile->exists()) {

+ 6 - 0
src/Composer/Config/JsonConfigSource.php
View File 

@@ -70,6 +70,8 @@ class JsonConfigSource implements ConfigSourceInterface
 
         }
 
         $manipulator = new JsonManipulator($contents);
 
 
+        $newFile = !$this->file->exists();
 
+
 
         // try to update cleanly
 
         if (call_user_func_array(array($manipulator, $method), $args)) {
 
             file_put_contents($this->file->getPath(), $manipulator->getContents());
 
@@ -80,5 +82,9 @@ class JsonConfigSource implements ConfigSourceInterface
 
             call_user_func_array($fallback, $args);
 
             $this->file->write($config);
 
         }
 
+
 
+        if ($newFile) {
 
+            chmod($this->file->getPath(), 0600);
 
+        }
 
     }
 
 }