From c174229d641a7a7c8c80893a98b237735f33c5a5 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@users.sourceforge.net>
Date: Wed, 10 Feb 2010 18:04:03 +0000
Subject: [PATCH] Fix: Pb with config file backup

---
 htdocs/install/etape1.php |  4 +++-
 htdocs/lib/files.lib.php  | 10 ++++++++--
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/htdocs/install/etape1.php b/htdocs/install/etape1.php
index 419852f01b4..97ea932e78a 100644
--- a/htdocs/install/etape1.php
+++ b/htdocs/install/etape1.php
@@ -208,7 +208,9 @@ if ($_POST["action"] == "set")
 		// Save old conf file on disk
 		if (file_exists("$conffile"))
 		{
-			@dol_copy($conffile, $conffile.'.old');	// We must ignore errors as an existing old file may alreday exists and not be replacable
+			// We must ignore errors as an existing old file may alreday exists and not be replacable
+			// Also no other process must be able to read file or we expose the new file so content with password.
+			@dol_copy($conffile, $conffile.'.old', '0400');
 		}
 
 		$error+=write_conf_file($conffile);
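Review bot: Once the backup has mode 0400, a later run of this step will normally be unable to overwrite it, because copy() has to open `$conffile.'.old'` for writing, and the `@` on the call hides that failure, so the backup silently goes stale. If a fresh backup is wanted on every run, remove the old file (or make it writable) before copying, and check the value returned by dol_copy instead of discarding it. The two added comment lines could be reduced to a single statement of intent, e.g. `// Backup holds the password: keep it readable by the owner only`. The enclosing `if ($_POST["action"] == "set")` block starts and ends outside this hunk.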
diff --git a/htdocs/lib/files.lib.php b/htdocs/lib/files.lib.php
index 6be72cdf00d..caa7e9f7c1f 100644
--- a/htdocs/lib/files.lib.php
+++ b/htdocs/lib/files.lib.php
@@ -304,11 +304,17 @@ function dol_is_file($pathoffile)
 
 /**
  * Copy a file to another file
+ * @param	$srcfile	Source file
+ * @param	$destfile	Destination file
+ * @param	$newmask	Mask for new file
  * @return	boolean		True if OK, false if KO
  */
-function dol_copy($srcfile, $destfile)
+function dol_copy($srcfile, $destfile, $newmask)
 {
-	return @copy($srcfile, $destfile);
+	dol_syslog("files.lib.php::dol_copy srcfile=".$srcfile." destfile=".$destfile." newmask=".$newmask);
+	$result=@copy($srcfile, $destfile);
+	@chmod($file, octdec($newmask));	// File must not be readable by any others
+	return $result;
 }
 
 ?>
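Review bot: The added `@chmod($file, octdec($newmask));` uses `$file`, which is not defined in dol_copy, so the call fails silently under `@` and the copy keeps its default mode; it should be `@chmod($destfile, octdec($newmask));`, run only when `$result` is true. Even with that fix, the destination exists with the process's default permissions between copy() and chmod(), so tightening the umask around the copy would close that window. `$newmask` is added as a required parameter, so any other two-argument caller of dol_copy (none are visible in this patch) would now trigger a missing-argument warning; an optional `$newmask=''` with the chmod skipped when it is empty would keep them working.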
-- 
GitLab