diff options
-rw-r--r-- | install.php | 9 | ||||
-rw-r--r-- | modules/system/system.install | 12 |
2 files changed, 15 insertions, 6 deletions
diff --git a/install.php b/install.php index e0a6cd7d7..8334327e8 100644 --- a/install.php +++ b/install.php @@ -107,12 +107,13 @@ function install_main() { drupal_install_profile($profile, $modules); // Warn about settings.php permissions risk - $settings_file = './'. conf_path() .'/settings.php'; - if (!drupal_verify_install_file($settings_file, FILE_EXIST|FILE_READABLE|FILE_NOT_WRITABLE)) { - drupal_set_message(st('All necessary changes to %file have been made, so you should now remove write permissions to this file. Failure to remove write permissions to this file is a security risk.', array('%file' => $settings_file)), 'error'); + $settings_dir = './'. conf_path(); + $settings_file = $settings_dir .'/settings.php'; + if (!drupal_verify_install_file($settings_file, FILE_EXIST|FILE_READABLE|FILE_NOT_WRITABLE) || !drupal_verify_install_file($settings_dir, FILE_NOT_WRITABLE, 'dir')) { + drupal_set_message(st('All necessary changes to %dir and %file have been made, so you should now remove write permissions to them. Failure to remove write permissions to them is a security risk.', array('%dir' => $settings_dir, '%file' => $settings_file)), 'error'); } else { - drupal_set_message(st('All necessary changes to %file have been made. It has been set to read-only for security.', array('%file' => $settings_file))); + drupal_set_message(st('All necessary changes to %dir and %file have been made. They have been set to read-only for security.', array('%dir' => $settings_dir, '%file' => $settings_file))); } } diff --git a/modules/system/system.install b/modules/system/system.install index 0f4756174..d78e12bec 100644 --- a/modules/system/system.install +++ b/modules/system/system.install @@ -66,12 +66,20 @@ function system_requirements($phase) { // Test settings.php file writability if ($phase == 'runtime') { - if (!drupal_verify_install_file(conf_path() .'/settings.php', FILE_EXIST|FILE_READABLE|FILE_NOT_WRITABLE)) { + $conf_dir = drupal_verify_install_file(conf_path(), FILE_NOT_WRITABLE, 'dir'); + $conf_file = drupal_verify_install_file(conf_path() .'/settings.php', FILE_EXIST|FILE_READABLE|FILE_NOT_WRITABLE); + if (!$conf_dir || !$conf_file) { $requirements['settings.php'] = array( 'value' => $t('Not protected'), 'severity' => REQUIREMENT_ERROR, - 'description' => $t('The file %file is not protected from modifications and poses a security risk. You must change the file\'s permissions to be non-writable.', array('%file' => conf_path() .'/settings.php')), + 'description' => '', ); + if (!$conf_dir) { + $requirements['settings.php']['description'] .= $t('The directory %file is not protected from modifications and poses a security risk. You must change the directory\'s permissions to be non-writable. ', array('%file' => conf_path())); + } + if (!$conf_file) { + $requirements['settings.php']['description'] .= $t('The file %file is not protected from modifications and poses a security risk. You must change the file\'s permissions to be non-writable.', array('%file' => conf_path() .'/settings.php')); + } } else { $requirements['settings.php'] = array( |