+void suPHP::Application::checkParentDirectories(const File& file,
+ const UserInfo& owner,
+ const Configuration& config) const throw (SoftException) {
+ File directory = file;
+ Logger& logger = API_Helper::getSystemAPI().getSystemLogger();
+ do {
+ directory = directory.getParentDirectory();
+
+ UserInfo directoryOwner = directory.getUser();
+ if (directoryOwner != owner && !directoryOwner.isSuperUser()) {
+ std::string error = "Directory " + directory.getPath()
+ + " is not owned by " + owner.getUsername();
+ logger.logWarning(error);
+ throw SoftException(error, __FILE__, __LINE__);
+ }
+
+ if (!directory.isSymlink()
+ && !config.getAllowDirectoryGroupWriteable()
+ && directory.hasGroupWriteBit()) {
+ std::string error = "Directory \"" + directory.getPath()
+ + "\" is writeable by group";
+ logger.logWarning(error);
+ throw SoftException(error, __FILE__, __LINE__);
+ }
+
+ if (!directory.isSymlink()
+ && !config.getAllowDirectoryOthersWriteable()
+ && directory.hasOthersWriteBit()) {
+ std::string error = "Directory \"" + directory.getPath()
+ + "\" is writeable by others";
+ logger.logWarning(error);
+ throw SoftException(error, __FILE__, __LINE__);
+ }
+ } while (directory.getPath() != "/");
+}
+
+