[Vtigercrm-commits] [vtiger development] #1418: sync snapshot log4php with log4php-0.9 release version
vtiger development
vtiger-tickets at vtiger.fosslabs.com
Sat Jul 1 13:38:38 EDT 2006
#1418: sync snapshot log4php with log4php-0.9 release version
------------------------------------------------------------------------+---
Reporter: jeffk | Owner: jeffk
Type: defect | Status: new
Priority: major | Milestone: 4.2.5
Component: vtigercrm | Version:
Keywords: dependencies packaging libraries php logging distributions |
------------------------------------------------------------------------+---
source/vtigercrm/trunk/log4php has been updated in r5729:5720 to include
the log4php-0.9 released 2003-12-10. source:vtigercrm/branches/4.2/log4php
has an older version; update it to log4php-0.9.
Note that in source:vtigercrm/branches/4.2/log4php there are two
purposeful changes to the source:
{{{
vtigercrm/log4php/LoggerBasicConfigurator.php
@@ -59,7 +59,7 @@
$layout = LoggerLayout::factory('LoggerLayoutTTCC');
$appender->setLayout($layout);
- $root->addAppender($appender);
+ $root->addAppender($appender));
}
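Review bot: the `+` line `$root->addAppender($appender));` has one closing parenthesis too many, which is a PHP parse error and would stop LoggerBasicConfigurator.php from loading at all. The `-` form `$root->addAppender($appender);` is the balanced one. If this is meant as a purposeful local change, the ticket should say what it is for, since nothing else in the hunk differs.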
}}}
and
{{{
--- vtigercrm/log4php/appenders/LoggerAppenderFile.php
@@ -26,12 +26,6 @@
require_once(LOG4PHP_DIR . '/helpers/LoggerOptionConverter.php');
require_once(LOG4PHP_DIR . '/LoggerLog.php');
+if (!defined('ROOT_DIR')) define('ROOT_DIR', LOG4PHP_DIR . '/..');
+if (!defined('LOG_READ'))
+{
+ include(ROOT_DIR . '/config.php');
+ define('LOG_READ', $log_readable);
+}
/**
* FileAppender appends log events to a file.
*
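Review bot: in the `LOG_READ` block, the result of `include(ROOT_DIR . '/config.php');` is never checked and `$log_readable` is used without an `isset()` test, so a missing or incomplete config.php silently leaves `LOG_READ` defined from an unset variable. Suggest failing loudly with `require`, or defaulting explicitly to the restrictive value, and documenting the `$log_readable` setting next to the define, since it couples the library to the application's config.php. The hunk header `-26,12 +26,6` also describes six lines removed while the lines are marked `+`, so the ticket should state which side is the 4.2 branch.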
@@ -81,11 +75,6 @@
$fileName = $this->getFile();
LoggerLog::debug("LoggerAppenderFile::activateOptions() opening
file '{$fileName}'");
$this->fp = @fopen($fileName, ($this->getAppend()? 'a':'w'));
+
+ // Denying read option for log file. Added for Vulnerability fix
+ if (is_readable($fileName) and (LOG_READ == 0)) chmod
($fileName,0200);
+ if (!is_readable($fileName) and (LOG_READ == 1)) chmod
($fileName,0600);
+
if ($this->fp) {
if ($this->getAppend())
fseek($this->fp, 0, SEEK_END);
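Review bot: both `chmod` calls sit before the `if ($this->fp)` check, so they run even when `@fopen` has failed, and their return values are ignored. They also tighten the mode only after `fopen` has already created the file with the process's default permissions, which leaves a window in which a new log file is readable. Suggest moving the permission handling inside `if ($this->fp)`, checking the `chmod` result, and setting a restrictive `umask()` before the `fopen` call. The comment "Added for Vulnerability fix" should also name the issue it addresses.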
}}}
I will commit to update the snapshotted log4php to zero-diff with
log4php-0.9. Please feel free to re-commit the above fixes if deemed
necessary and worthy of having a local modification to the library.
log4php may warrant different snapshot modification procedures, because
the releases are so infrequent.
--
Ticket URL: <http://vtiger.fosslabs.com/cgi-bin/trac.cgi/ticket/1418>
vtiger development <http://vtiger.fosslabs.com/>
vtigerCRM