From 26c4c3c75d8b5ba2c5eae4bf9df4c56730c55999 Mon Sep 17 00:00:00 2001
From: Daniel Winzen <daniel@danwin1210.me>
Date: Sun, 26 Jan 2020 14:40:52 +0100
Subject: [PATCH] set safe file permissions

---
 var/www/setup.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/var/www/setup.php b/var/www/setup.php
index cbab883..f3d1fb7 100644
--- a/var/www/setup.php
+++ b/var/www/setup.php
@@ -355,4 +355,10 @@ while($tmp=$stmt->fetch(PDO::FETCH_NUM)){
 	}
 }
 $db->exec('UPDATE service_instances SET reload=1;');
+//set safe file permissions
+exec('chown root:www-data -R /var/www/html/');
+exec('find /var/www/html/ -type f -exec chmod 640 {} \;');
+exec('find /var/www/html/ -type d -exec chmod 750 {} \;');
+exec('chown root:www-data /var/www/common.php /var/www/composer.json /var/www/composer.lock /var/www/cron.php /var/www/find_old.php /var/www/setup_chroot.sh /var/www/setup.php');
+exec('chmod 640 /var/www/common.php /var/www/composer.json /var/www/composer.lock /var/www/cron.php /var/www/find_old.php /var/www/setup_chroot.sh /var/www/setup.php');
 echo "Done - Database and files have been updated to the latest version :)\n";