
Fix security hole in AliasHandler

Without this fix it is possible to delete a protected alias by editing
the request parameter that names the alias to delete.
This commit is contained in:
Jan-Frederik Rieckers 2017-02-03 14:53:10 +01:00
parent e56727fe09
commit 7bb36d0bbc
No known key found for this signature in database
GPG Key ID: 664B03955EA04DEF
2 changed files with 6 additions and 0 deletions


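--- a/PLACEHOLDER_LANG_FILE_PATH_NOT_SHOWN_ON_PAGE
+++ b/PLACEHOLDER_LANG_FILE_PATH_NOT_SHOWN_ON_PAGE
@@ -128,6 +128,7 @@ $PALANG['pCreate_alias_result_success'] = 'The alias %s has been created!';
 $PALANG['alias_updated'] = 'The alias %s has been updated!';
 $PALANG['pCreate_alias_catchall_text'] = 'To create a catch-all use an "*" as alias.'; # XXX don't propagate usage of *@target-domain.com for domain-aliasing any longer
 $PALANG['mailbox_alias_cant_be_deleted'] = 'This alias belongs to a mailbox and can\'t be deleted!';
+$PALANG['protected_alias_cant_be_deleted'] = 'The alias %s is protected and can only be deleted by a superadmin';
 $PALANG['pEdit_alias_welcome'] = 'Edit forwarding settings';
 $PALANG['pEdit_alias_help'] = 'Accepts multiple targets, one entry per line.';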


@ -441,6 +441,11 @@ class AliasHandler extends PFAHandler {
return false; return false;
} }
if ($this->can_delete) {
$this->errormsg[] = Config::Lang_f('protected_alias_cant_be_deleted', $this->id);
return false;
}
db_delete('alias', 'address', $this->id); db_delete('alias', 'address', $this->id);
list(/*NULL*/,$domain) = explode('@', $this->id); list(/*NULL*/,$domain) = explode('@', $this->id);