Bug #24165
closed
Hidden file ./typo3_src_svn/typo3/contrib/codemirror/contrib/python/css/._pythoncolors.css causes failures
Added by Björn Pedersen about 14 years ago.
Updated almost 14 years ago.
Description
The file ./typo3_src_svn/typo3/contrib/codemirror/contrib/python/css/._pythoncolors.css
get process by the compressor/merger and causes failures on MaCOS X
I made it private as it seems to be a bug in compressor to include hidden files.
(issue imported from #M16515)
I don't know, how t3editor adds the CSS of its plugin files.
template.php adds the files from stylesheet directories (in function addStyleSheetDirectory()) using t3lib_div::getFilesInDir($resolvedPath, 'css', FALSE, 1);
The hidden files have been removed from SVN some days ago (was only in trunk)
Björn, can you explain, why you see a problem in this behaviour of template.php?
An attacker could only take advantage of this if he or she could upload files in this directory.
I tend to close this case.
The main problem would be information disclosure.
But you are right, that it is not a really critical bug.
It would only disclose files which are present in the TYPO3 directories anyways. I close this one now...
Comment by Ronald Renfro:
I found some info on how to avoid the creation of such files on the client and added this to
my .bash_profile
export COPYFILE_DISABLE=true
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by