Bug #15052
closed
Files in fileadmin/_temp_/ can be downloaded by anyone
0%
Description
It may happen that someone creates an export of all fe_users into a t3d file. He takes the file, moves to his next site, and imports it again.
While importing the file using impexp, the file is actually being uploaded to fileadmin/_temp_/ first. When importing the t3d file, impexp will use this copy. After the import, the file is not deleted.
This could apply to many other use cases, it's just an example to explain why fileadmin/_temp_/ should be secured in some way.
The easiest way to solve this is to add a .htaccess in fileadmin/_temp_ and deny access to anybody.
Furthermore, the impexp extension should remove t3d files after they have been successfully imported.
(issue imported from #M1604)
Files
Updated by Thorsten Kahler about 19 years ago
I'm not sure about this, but I don't think that any of these temporary files are intended to be delivered to the web. So IMHO access to all files in "_temp_" directories can be denied without causing headaches.
I also could imagine some kind of garbage collector like in tslib_feUserAuth::fetchSessionData(). All files older than e.g. 5 minutes are deleted, triggered by a random FE or BE access. This would also work in environments where no cron jobs are available (-> mass hosting).
Updated by Mathias Schreiber about 19 years ago
What if I WANT to keep my files?
I think this is a quite theoretical risk, since one would have to know the name of the file to download it.
Updated by