|
 |
ffc836e |
|
|
|
ffc836e |
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=158174
|
|
|
ffc836e |
|
|
|
ffc836e |
--- webalizer-2.01-10/webalizer.c.confuser 2005-09-21 13:32:40.000000000 +0100
|
|
|
ffc836e |
+++ webalizer-2.01-10/webalizer.c 2005-09-21 13:33:43.000000000 +0100
|
|
|
ffc836e |
@@ -252,6 +254,8 @@
|
|
|
ffc836e |
|
|
|
ffc836e |
int max_ctry; /* max countries defined */
|
|
|
ffc836e |
|
|
|
ffc836e |
+ struct stat st;
|
|
|
ffc836e |
+
|
|
|
ffc836e |
/* month names used for parsing logfile (shouldn't be lang specific) */
|
|
|
ffc836e |
char *log_month[12]={ "jan", "feb", "mar",
|
|
|
ffc836e |
"apr", "may", "jun",
|
|
|
ffc836e |
@@ -266,8 +270,8 @@
|
|
|
ffc836e |
|
|
|
ffc836e |
sprintf(tmp_buf,"%s/webalizer.conf",ETCDIR);
|
|
|
ffc836e |
/* check for default config file */
|
|
|
ffc836e |
- if (!access("webalizer.conf",F_OK))
|
|
|
ffc836e |
- get_config("webalizer.conf");
|
|
|
ffc836e |
+ if (stat("webalizer.conf", &st) == 0 && st.st_uid == getuid())
|
|
|
ffc836e |
+ get_config("webalizer.conf");
|
|
|
ffc836e |
else if (!access(tmp_buf,F_OK))
|
|
|
ffc836e |
get_config(tmp_buf);
|
|
|
ffc836e |
|
|
|
ffc836e |
--- webalizer-2.01-10/webalizer.1.confuser 2001-10-23 07:05:50.000000000 +0100
|
|
|
ffc836e |
+++ webalizer-2.01-10/webalizer.1 2005-09-21 13:32:40.000000000 +0100
|
|
|
ffc836e |
@@ -44,7 +44,8 @@
|
|
|
ffc836e |
.B o
|
|
|
ffc836e |
A default configuration file is scanned for. A file named
|
|
|
ffc836e |
\fIwebalizer.conf\fP is searched for in the current directory, and if
|
|
|
ffc836e |
-found, it's configuration data is parsed. If the file is not
|
|
|
ffc836e |
+found, and is owned by the invoking user, then its configuration data is parsed.
|
|
|
ffc836e |
+If the file is not
|
|
|
ffc836e |
present in the current directory, the file \fI/etc/webalizer.conf\fP
|
|
|
ffc836e |
is searched for and, if found, is used instead.
|
|
|
ffc836e |
.TP 8
|