From 270920ce91bdaf1f728a6ee96103f97b216a7635 Mon Sep 17 00:00:00 2001
From: Benni Mack <benni@typo3.org>
Date: Wed, 30 Dec 2015 14:35:14 +0100
Subject: [PATCH] [TASK] Move non-public files to typo3temp/var/

Add a subdirectory typo3temp/var/ (by default) which
contains all files that must never be accessible
to web users.

In the future, this option should be configurable so it can
be put outside of the document root (e.g. via an
environment variable).

Resolves: #72479
Releases: master
Change-Id: Ia2e425a2ff55deac91c02b829c73036478995b0b
Reviewed-on: https://review.typo3.org/45505
Reviewed-by: Mathias Schreiber <mathias.schreiber@wmdb.de>
Tested-by: Mathias Schreiber <mathias.schreiber@wmdb.de>
Reviewed-by: Susanne Moog <typo3@susannemoog.de>
Tested-by: Susanne Moog <typo3@susannemoog.de>
---
 _.htaccess                                    |  2 +-
 .../Cache/Backend/SimpleFileBackend.php       |  4 +--
 .../core/Classes/Charset/CharsetConverter.php | 10 +++---
 .../Classes/Core/ClassLoadingInformation.php  |  4 +--
 .../core/Classes/Locking/FileLockStrategy.php |  4 +--
 .../Classes/Locking/SemaphoreLockStrategy.php |  4 +--
 .../Classes/Locking/SimpleLockStrategy.php    |  6 ++--
 .../core/Classes/Log/Writer/FileWriter.php    |  2 +-
 .../Unit/Locking/SimpleLockStrategyTest.php   |  4 +--
 .../Classes/Service/DocumentationService.php  |  6 ++--
 .../UploadExtensionFileController.php         |  2 +-
 .../Classes/Utility/Repository/Helper.php     |  6 ++--
 .../Classes/Utility/UpdateScriptUtility.php   |  2 +-
 .../FolderStructure/DefaultFactory.php        | 35 +++++++++++++------
 .../Classes/Report/InstallStatusReport.php    |  6 ++--
 .../Classes/Service/CoreUpdateService.php     |  2 +-
 .../Classes/Service/SessionService.php        | 10 +++---
 .../typo3temp-var-htaccess                    | 15 ++++++++
 .../lang/Classes/Service/TerService.php       |  2 +-
 .../Classes/Backend/CommandLineBackend.php    |  5 +--
 .../version/Classes/Hook/DataHandlerHook.php  |  2 +-
 21 files changed, 81 insertions(+), 52 deletions(-)
 create mode 100644 typo3/sysext/install/Resources/Private/FolderStructureTemplateFiles/typo3temp-var-htaccess

diff --git a/_.htaccess b/_.htaccess
index 954686ccc11f..b0b4960975d7 100644
--- a/_.htaccess
+++ b/_.htaccess
@@ -278,7 +278,7 @@ AddDefaultCharset utf-8
 	# Access block for folders
 	RewriteRule _(?:recycler|temp)_/ - [F]
 	RewriteRule fileadmin/templates/.*\.(?:txt|ts)$ - [F]
-	RewriteRule typo3temp/logs/ - [F]
+	RewriteRule typo3temp/var/ - [F]
 	RewriteRule ^(vendor|typo3_src) - [F]
 	RewriteRule (?:typo3conf/ext|typo3/sysext|typo3/ext)/[^/]+/(?:Configuration|Resources/Private|Tests?)/ - [F]
 
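Review bot: Replacing the `typo3temp/logs/` rule, rather than adding the `typo3temp/var/` rule next to it, removes this block from log files that upgraded installations have already written to the old location. The FileWriter.php hunk in this commit only changes where new logs go; nothing visible here moves or deletes the existing ones. Keeping both lines for a transition period, `RewriteRule typo3temp/logs/ - [F]` followed by `RewriteRule typo3temp/var/ - [F]`, or deleting the old directory in an upgrade step, would close that gap.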
diff --git a/typo3/sysext/core/Classes/Cache/Backend/SimpleFileBackend.php b/typo3/sysext/core/Classes/Cache/Backend/SimpleFileBackend.php
index 48f91bf6b470..e5c24e7a7503 100644
--- a/typo3/sysext/core/Classes/Cache/Backend/SimpleFileBackend.php
+++ b/typo3/sysext/core/Classes/Cache/Backend/SimpleFileBackend.php
@@ -97,8 +97,8 @@ class SimpleFileBackend extends \TYPO3\CMS\Core\Cache\Backend\AbstractBackend im
         parent::setCache($cache);
         if (empty($this->temporaryCacheDirectory)) {
             // If no cache directory was given with cacheDirectory
-            // configuration option, set it to a path below typo3temp/
-            $temporaryCacheDirectory = PATH_site . 'typo3temp/';
+            // configuration option, set it to a path below typo3temp/var/
+            $temporaryCacheDirectory = PATH_site . 'typo3temp/var/';
         } else {
             $temporaryCacheDirectory = $this->temporaryCacheDirectory;
         }
diff --git a/typo3/sysext/core/Classes/Charset/CharsetConverter.php b/typo3/sysext/core/Classes/Charset/CharsetConverter.php
index c5b9a3c982c4..be81939a8778 100644
--- a/typo3/sysext/core/Classes/Charset/CharsetConverter.php
+++ b/typo3/sysext/core/Classes/Charset/CharsetConverter.php
@@ -1040,7 +1040,7 @@ class CharsetConverter implements SingletonInterface
             if ($charset && GeneralUtility::validPathStr($charsetConvTableFile) && @is_file($charsetConvTableFile)) {
                 // Cache file for charsets:
                 // Caching brought parsing time for gb2312 down from 2400 ms to 150 ms. For other charsets we are talking 11 ms down to zero.
-                $cacheFile = GeneralUtility::getFileAbsFileName('typo3temp/cs/charset_' . $charset . '.tbl');
+                $cacheFile = GeneralUtility::getFileAbsFileName('typo3temp/var/charset/charset_' . $charset . '.tbl');
                 if ($cacheFile && @is_file($cacheFile)) {
                     $this->parsedCharsets[$charset] = unserialize(GeneralUtility::getUrl($cacheFile));
                 } else {
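Review bot: The cache file at the new `typo3temp/var/charset/` path is still passed straight to `unserialize()` two lines below the changed line, so write access to that directory decides what gets deserialized. If the tables are plain arrays, as the file names suggest, restricting the call to `unserialize(GeneralUtility::getUrl($cacheFile), ['allowed_classes' => false])`, where the supported PHP version allows it, removes the object-instantiation risk. The same applies to the `cscase_` and `csascii_` reads in the hunks at -1341 and -1403. `$charset` is concatenated into the file name; whether it is normalised before this point lies outside the hunk and should be confirmed.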
@@ -1099,8 +1099,8 @@ class CharsetConverter implements SingletonInterface
     public function initUnicodeData($mode = null)
     {
         // Cache files
-        $cacheFileCase = GeneralUtility::getFileAbsFileName('typo3temp/cs/cscase_utf-8.tbl');
-        $cacheFileASCII = GeneralUtility::getFileAbsFileName('typo3temp/cs/csascii_utf-8.tbl');
+        $cacheFileCase = GeneralUtility::getFileAbsFileName('typo3temp/var/charset/cscase_utf-8.tbl');
+        $cacheFileASCII = GeneralUtility::getFileAbsFileName('typo3temp/var/charset/csascii_utf-8.tbl');
         // Only process if the tables are not yet loaded
         switch ($mode) {
             case 'case':
@@ -1341,7 +1341,7 @@ class CharsetConverter implements SingletonInterface
             return 1;
         }
         // Use cached version if possible
-        $cacheFile = GeneralUtility::getFileAbsFileName('typo3temp/cs/cscase_' . $charset . '.tbl');
+        $cacheFile = GeneralUtility::getFileAbsFileName('typo3temp/var/charset/cscase_' . $charset . '.tbl');
         if ($cacheFile && @is_file($cacheFile)) {
             $this->caseFolding[$charset] = unserialize(GeneralUtility::getUrl($cacheFile));
             return 2;
@@ -1403,7 +1403,7 @@ class CharsetConverter implements SingletonInterface
             return 1;
         }
         // Use cached version if possible
-        $cacheFile = GeneralUtility::getFileAbsFileName('typo3temp/cs/csascii_' . $charset . '.tbl');
+        $cacheFile = GeneralUtility::getFileAbsFileName('typo3temp/var/charset/csascii_' . $charset . '.tbl');
         if ($cacheFile && @is_file($cacheFile)) {
             $this->toASCII[$charset] = unserialize(GeneralUtility::getUrl($cacheFile));
             return 2;
diff --git a/typo3/sysext/core/Classes/Core/ClassLoadingInformation.php b/typo3/sysext/core/Classes/Core/ClassLoadingInformation.php
index e1c1538c4fc9..bef37cc9099e 100644
--- a/typo3/sysext/core/Classes/Core/ClassLoadingInformation.php
+++ b/typo3/sysext/core/Classes/Core/ClassLoadingInformation.php
@@ -33,12 +33,12 @@ class ClassLoadingInformation
     /**
      * Base directory storing all autoload information
      */
-    const AUTOLOAD_INFO_DIR = 'typo3temp/autoload/';
+    const AUTOLOAD_INFO_DIR = 'typo3temp/var/autoload/';
 
     /**
      * Base directory storing all autoload information in testing context
      */
-    const AUTOLOAD_INFO_DIR_TESTS = 'typo3temp/autoload-tests/';
+    const AUTOLOAD_INFO_DIR_TESTS = 'typo3temp/var/autoload-tests/';
 
     /**
      * Name of file that contains all classes-filename mappings
diff --git a/typo3/sysext/core/Classes/Locking/FileLockStrategy.php b/typo3/sysext/core/Classes/Locking/FileLockStrategy.php
index 518f18724d51..81ff22dd1181 100644
--- a/typo3/sysext/core/Classes/Locking/FileLockStrategy.php
+++ b/typo3/sysext/core/Classes/Locking/FileLockStrategy.php
@@ -24,7 +24,7 @@ use TYPO3\CMS\Core\Utility\GeneralUtility;
  */
 class FileLockStrategy implements LockingStrategyInterface
 {
-    const FILE_LOCK_FOLDER = 'typo3temp/locks/';
+    const FILE_LOCK_FOLDER = 'typo3temp/var/locks/';
 
     /**
      * @var resource File pointer if using flock method
@@ -50,7 +50,7 @@ class FileLockStrategy implements LockingStrategyInterface
         /*
          * Tests if the directory for simple locks is available.
          * If not, the directory will be created. The lock path is usually
-         * below typo3temp, typo3temp itself should exist already
+         * below typo3temp/var, typo3temp/var itself should exist already
          */
         $path = PATH_site . self::FILE_LOCK_FOLDER;
         if (!is_dir($path)) {
diff --git a/typo3/sysext/core/Classes/Locking/SemaphoreLockStrategy.php b/typo3/sysext/core/Classes/Locking/SemaphoreLockStrategy.php
index f4c7a741599d..b560da450652 100644
--- a/typo3/sysext/core/Classes/Locking/SemaphoreLockStrategy.php
+++ b/typo3/sysext/core/Classes/Locking/SemaphoreLockStrategy.php
@@ -23,7 +23,7 @@ use TYPO3\CMS\Core\Utility\GeneralUtility;
  */
 class SemaphoreLockStrategy implements LockingStrategyInterface
 {
-    const FILE_LOCK_FOLDER = 'typo3temp/locks/';
+    const FILE_LOCK_FOLDER = 'typo3temp/var/locks/';
 
     /**
      * @var mixed Identifier used for this lock
@@ -53,7 +53,7 @@ class SemaphoreLockStrategy implements LockingStrategyInterface
     {
         $path = PATH_site . self::FILE_LOCK_FOLDER;
         if (!is_dir($path)) {
-            // Not using mkdir_deep on purpose here, if typo3temp itself
+            // Not using mkdir_deep on purpose here, if typo3temp/var itself
             // does not exist, this issue should be solved on a different
             // level of the application.
             if (!GeneralUtility::mkdir($path)) {
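Review bot: `GeneralUtility::mkdir($path)` is deliberately non-recursive, and its parent is now `typo3temp/var/`, which may not exist yet on an installation upgraded from the old layout. Where `typo3temp/` was practically always present, the first lock request on such a system now fails instead of creating `locks/`. Either the upgrade path should guarantee `typo3temp/var/` before any lock is taken, or the comment should state the requirement, e.g. `// typo3temp/var/ must already exist (Install Tool folder structure); it is not created here`. The same applies to the identical block in SimpleLockStrategy and, judging by its comment, to FileLockStrategy; the failure branch lies outside this hunk.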
diff --git a/typo3/sysext/core/Classes/Locking/SimpleLockStrategy.php b/typo3/sysext/core/Classes/Locking/SimpleLockStrategy.php
index e4f9a6cac6b1..e34f07558c25 100644
--- a/typo3/sysext/core/Classes/Locking/SimpleLockStrategy.php
+++ b/typo3/sysext/core/Classes/Locking/SimpleLockStrategy.php
@@ -23,7 +23,7 @@ use TYPO3\CMS\Core\Utility\GeneralUtility;
  */
 class SimpleLockStrategy implements LockingStrategyInterface
 {
-    const FILE_LOCK_FOLDER = 'typo3temp/locks/';
+    const FILE_LOCK_FOLDER = 'typo3temp/var/locks/';
 
     /**
      * @var string File path used for this lock
@@ -53,10 +53,10 @@ class SimpleLockStrategy implements LockingStrategyInterface
     {
         // Tests if the directory for simple locks is available.
         // If not, the directory will be created. The lock path is usually
-        // below typo3temp, typo3temp itself should exist already
+        // below typo3temp/var, typo3temp/var itself should exist already
         $path = PATH_site . self::FILE_LOCK_FOLDER;
         if (!is_dir($path)) {
-            // Not using mkdir_deep on purpose here, if typo3temp itself
+            // Not using mkdir_deep on purpose here, if typo3temp/var itself
             // does not exist, this issue should be solved on a different
             // level of the application.
             if (!GeneralUtility::mkdir($path)) {
diff --git a/typo3/sysext/core/Classes/Log/Writer/FileWriter.php b/typo3/sysext/core/Classes/Log/Writer/FileWriter.php
index ca56e3866f70..fab6d49d5d36 100644
--- a/typo3/sysext/core/Classes/Log/Writer/FileWriter.php
+++ b/typo3/sysext/core/Classes/Log/Writer/FileWriter.php
@@ -37,7 +37,7 @@ class FileWriter extends AbstractWriter
      *
      * @var string
      */
-    protected $defaultLogFileTemplate = 'typo3temp/logs/typo3_%s.log';
+    protected $defaultLogFileTemplate = 'typo3temp/var/logs/typo3_%s.log';
 
     /**
      * Log file handle storage
diff --git a/typo3/sysext/core/Tests/Unit/Locking/SimpleLockStrategyTest.php b/typo3/sysext/core/Tests/Unit/Locking/SimpleLockStrategyTest.php
index 516a1f954e8d..5dedcd346242 100644
--- a/typo3/sysext/core/Tests/Unit/Locking/SimpleLockStrategyTest.php
+++ b/typo3/sysext/core/Tests/Unit/Locking/SimpleLockStrategyTest.php
@@ -89,8 +89,8 @@ class SimpleLockStrategyTest extends UnitTestCase
     {
         return array(
             'not withing PATH_site' => array('/tmp/TYPO3-Lock-Test'),
-            'directory traversal' => array(PATH_site . 'typo3temp/../typo3temp/locks/foo'),
-            'directory traversal 2' => array(PATH_site . 'typo3temp/locks/../locks/foo'),
+            'directory traversal' => array(PATH_site . 'typo3temp/../typo3temp/var/locks/foo'),
+            'directory traversal 2' => array(PATH_site . 'typo3temp/var/locks/../../var/locks/foo'),
             'within uploads' => array(PATH_site . 'uploads/TYPO3-Lock-Test')
         );
     }
diff --git a/typo3/sysext/documentation/Classes/Service/DocumentationService.php b/typo3/sysext/documentation/Classes/Service/DocumentationService.php
index 75880d1308ea..680bc11da6d4 100644
--- a/typo3/sysext/documentation/Classes/Service/DocumentationService.php
+++ b/typo3/sysext/documentation/Classes/Service/DocumentationService.php
@@ -38,7 +38,7 @@ class DocumentationService
             }
 
             // Cache file locally to be able to create a composer.json file when fetching a document
-            $absoluteCacheFilename = GeneralUtility::getFileAbsFileName('typo3temp/Documentation/documents.json');
+            $absoluteCacheFilename = GeneralUtility::getFileAbsFileName('typo3temp/var/transient/documents.json');
             GeneralUtility::writeFileToTypo3tempDir($absoluteCacheFilename, $json);
         }
         return $documents;
@@ -165,7 +165,7 @@ class DocumentationService
         $languageSegment = str_replace('_', '-', strtolower($language));
         $packageName = sprintf('%s-%s-%s.zip', $packagePrefix, $version, $languageSegment);
         $packageUrl = $url . 'packages/' . $packageName;
-        $absolutePathToZipFile = GeneralUtility::getFileAbsFileName('typo3temp/Documentation/' . $packageName);
+        $absolutePathToZipFile = GeneralUtility::getFileAbsFileName('typo3temp/var/transient/' . $packageName);
 
         $packages = $this->getAvailablePackages($url);
         if (empty($packages) || !isset($packages[$version][$language])) {
@@ -195,7 +195,7 @@ class DocumentationService
             $result = $this->unzipDocumentPackage($absolutePathToZipFile, $absoluteDocumentPath);
 
             // Create a composer.json file
-            $absoluteCacheFilename = GeneralUtility::getFileAbsFileName('typo3temp/Documentation/documents.json');
+            $absoluteCacheFilename = GeneralUtility::getFileAbsFileName('typo3temp/var/transient/documents.json');
             $documents = json_decode(file_get_contents($absoluteCacheFilename), true);
             foreach ($documents as $document) {
                 if ($document['key'] === $key) {
diff --git a/typo3/sysext/extensionmanager/Classes/Controller/UploadExtensionFileController.php b/typo3/sysext/extensionmanager/Classes/Controller/UploadExtensionFileController.php
index fc4ff3c8222b..a0fbc82b38b1 100644
--- a/typo3/sysext/extensionmanager/Classes/Controller/UploadExtensionFileController.php
+++ b/typo3/sysext/extensionmanager/Classes/Controller/UploadExtensionFileController.php
@@ -323,7 +323,7 @@ class UploadExtensionFileController extends AbstractController
      */
     protected function copyExtensionFolderToTempFolder($extensionKey)
     {
-        $this->extensionBackupPath = PATH_site . 'typo3temp/' . $extensionKey . substr(sha1($extensionKey . microtime()), 0, 7) . '/';
+        $this->extensionBackupPath = PATH_site . 'typo3temp/var/transient/' . $extensionKey . substr(sha1($extensionKey . microtime()), 0, 7) . '/';
         GeneralUtility::mkdir($this->extensionBackupPath);
         GeneralUtility::copyDirectory(
             $this->fileHandlingUtility->getExtensionDir($extensionKey),
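Review bot: The return value of `GeneralUtility::mkdir($this->extensionBackupPath)` is ignored, and its parent is now `typo3temp/var/transient/`, which the folder-structure change in DefaultFactory.php in this commit does not create. If that parent is missing, the backup directory is never made, and whether `copyDirectory()` then fails loudly cannot be seen here; an extension upload could proceed without a usable backup. Consider `GeneralUtility::mkdir_deep($this->extensionBackupPath);` followed by an explicit failure when the directory still does not exist. The `copyDirectory()` call continues outside the hunk.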
diff --git a/typo3/sysext/extensionmanager/Classes/Utility/Repository/Helper.php b/typo3/sysext/extensionmanager/Classes/Utility/Repository/Helper.php
index e92283835dab..7d2c45b1c61a 100644
--- a/typo3/sysext/extensionmanager/Classes/Utility/Repository/Helper.php
+++ b/typo3/sysext/extensionmanager/Classes/Utility/Repository/Helper.php
@@ -168,8 +168,7 @@ class Helper implements \TYPO3\CMS\Core\SingletonInterface
      */
     public function getLocalExtListFile()
     {
-        $absFilePath = PATH_site . 'typo3temp/ExtensionManager/' . (int)$this->repository->getUid() . '.extensions.xml.gz';
-        return $absFilePath;
+        return PATH_site . 'typo3temp/var/ExtensionManager/' . (int)$this->repository->getUid() . '.extensions.xml.gz';
     }
 
     /**
@@ -209,8 +208,7 @@ class Helper implements \TYPO3\CMS\Core\SingletonInterface
      */
     public function getLocalMirrorListFile()
     {
-        $absFilePath = PATH_site . 'typo3temp/ExtensionManager/' . (int)$this->repository->getUid() . '.mirrors.xml.gz';
-        return $absFilePath;
+        return PATH_site . 'typo3temp/var/ExtensionManager/' . (int)$this->repository->getUid() . '.mirrors.xml.gz';
     }
 
     /**
diff --git a/typo3/sysext/extensionmanager/Classes/Utility/UpdateScriptUtility.php b/typo3/sysext/extensionmanager/Classes/Utility/UpdateScriptUtility.php
index be4c155e1d37..84a590e36334 100644
--- a/typo3/sysext/extensionmanager/Classes/Utility/UpdateScriptUtility.php
+++ b/typo3/sysext/extensionmanager/Classes/Utility/UpdateScriptUtility.php
@@ -108,7 +108,7 @@ class UpdateScriptUtility
         if (!preg_match('/<\?php.*namespace\s+([^;]+);.*class/is', $scriptSourceCode, $matches)) {
             // if no, rename the class with a unique name
             $className = 'ext_update' . md5($extensionKey . $scriptSourceCode);
-            $temporaryFileName = PATH_site . 'typo3temp/ExtensionManager/UpdateScripts/' . $className . '.php';
+            $temporaryFileName = PATH_site . 'typo3temp/var/transient/' . $className . '.php';
             if (!file_exists(GeneralUtility::getFileAbsFileName($temporaryFileName))) {
                 $scriptSourceCode = preg_replace('/^\s*class\s+ext_update\s+/m', 'class ' . $className . ' ', $scriptSourceCode);
                 GeneralUtility::writeFileToTypo3tempDir($temporaryFileName, $scriptSourceCode);
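Review bot: The generated `ext_update` class file (`.php`) now lands in `typo3temp/var/transient/`, the directory this commit also uses for downloaded core archives, documentation packages, translation zips and extension backups (CoreUpdateService, DocumentationService, TerService, UploadExtensionFileController). The `file_exists()` check reuses whatever file already carries that name, and the file is presumably loaded as PHP afterwards (outside the hunk), so executable code should not share a directory with artefacts fetched from remote hosts. Keeping a dedicated directory, e.g. `PATH_site . 'typo3temp/var/ExtensionManager/UpdateScripts/'`, would preserve the separation the old path had.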
diff --git a/typo3/sysext/install/Classes/FolderStructure/DefaultFactory.php b/typo3/sysext/install/Classes/FolderStructure/DefaultFactory.php
index b0e855b5294e..8100379cc5aa 100644
--- a/typo3/sysext/install/Classes/FolderStructure/DefaultFactory.php
+++ b/typo3/sysext/install/Classes/FolderStructure/DefaultFactory.php
@@ -130,19 +130,32 @@ class DefaultFactory
                         )
                     ),
                     array(
-                        'name' => 'cs',
-                        'type' => DirectoryNode::class,
-                        'targetPermission' => $directoryPermission,
-                    ),
-                    array(
-                        'name' => 'Cache',
-                        'type' => DirectoryNode::class,
-                        'targetPermission' => $directoryPermission,
-                    ),
-                    array(
-                        'name' => 'locks',
+                        'name' => 'var',
                         'type' => DirectoryNode::class,
                         'targetPermission' => $directoryPermission,
+                        'children' => array(
+                            array(
+                                'name' => '.htaccess',
+                                'type' => FileNode::class,
+                                'targetPermission' => $filePermission,
+                                'targetContentFile' => PATH_site . 'typo3/sysext/install/Resources/Private/FolderStructureTemplateFiles/typo3temp-var-htaccess',
+                            ),
+                            array(
+                                'name' => 'charset',
+                                'type' => DirectoryNode::class,
+                                'targetPermission' => $directoryPermission,
+                            ),
+                            array(
+                                'name' => 'Cache',
+                                'type' => DirectoryNode::class,
+                                'targetPermission' => $directoryPermission,
+                            ),
+                            array(
+                                'name' => 'locks',
+                                'type' => DirectoryNode::class,
+                                'targetPermission' => $directoryPermission,
+                            )
+                        )
                     ),
                 ),
             ),
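Review bot: The new `var` node creates `charset`, `Cache` and `locks` but not `transient`, although InstallStatusReport.php in this commit checks `'typo3temp/var/transient/' => 2` and five classes now write there. A fourth `DirectoryNode` child keeps the two lists in agreement and ensures the directory exists with `$directoryPermission` before first use. The `.htaccess` FileNode is the only access control added at this level, so a `typo3temp/var/` created on demand by other code paths would lack it until the folder structure is repaired; a comment on the node saying so would help. The surrounding array starts and ends outside the hunk.

```php
                        'children' => array(
                            // … unchanged: .htaccess node …
                            array(
                                'name' => 'transient',
                                'type' => DirectoryNode::class,
                                'targetPermission' => $directoryPermission,
                            ),
                            // … unchanged: charset, Cache, locks nodes …
```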
diff --git a/typo3/sysext/install/Classes/Report/InstallStatusReport.php b/typo3/sysext/install/Classes/Report/InstallStatusReport.php
index c89950111265..a3d4d86e6be4 100644
--- a/typo3/sysext/install/Classes/Report/InstallStatusReport.php
+++ b/typo3/sysext/install/Classes/Report/InstallStatusReport.php
@@ -73,8 +73,10 @@ class InstallStatusReport implements \TYPO3\CMS\Reports\StatusProviderInterface
             'typo3temp/assets/js/' => 2,
             // fallback storage of FAL
             'typo3temp/assets/_processed_/' => 0,
-            'typo3temp/cs/' => 2,
-            'typo3temp/locks/' => 2,
+            'typo3temp/var/' => 2,
+            'typo3temp/var/transient/' => 2,
+            'typo3temp/var/charset/' => 2,
+            'typo3temp/var/locks/' => 2,
             'typo3conf/' => 2,
             'typo3conf/ext/' => 0,
             'typo3conf/l10n/' => 0,
diff --git a/typo3/sysext/install/Classes/Service/CoreUpdateService.php b/typo3/sysext/install/Classes/Service/CoreUpdateService.php
index d6f66d6e5767..62a48cadd80a 100644
--- a/typo3/sysext/install/Classes/Service/CoreUpdateService.php
+++ b/typo3/sysext/install/Classes/Service/CoreUpdateService.php
@@ -97,7 +97,7 @@ class CoreUpdateService
      */
     public function initializeObject()
     {
-        $this->setDownloadTargetPath(PATH_site . 'typo3temp/core-update/');
+        $this->setDownloadTargetPath(PATH_site . 'typo3temp/var/transient/');
         $this->symlinkToCoreFiles = $this->discoverCurrentCoreSymlink();
         $this->downloadBaseUri = $this->coreVersionService->getDownloadBaseUri();
     }
diff --git a/typo3/sysext/install/Classes/Service/SessionService.php b/typo3/sysext/install/Classes/Service/SessionService.php
index 7a71c2d0b1c1..081f464737dc 100644
--- a/typo3/sysext/install/Classes/Service/SessionService.php
+++ b/typo3/sysext/install/Classes/Service/SessionService.php
@@ -22,12 +22,12 @@ use TYPO3\CMS\Core\Utility\GeneralUtility;
 class SessionService implements \TYPO3\CMS\Core\SingletonInterface
 {
     /**
-     * The path to our typo3temp (where we can write our sessions). Set in the
+     * The path to our typo3temp/var/ (where we can write our sessions). Set in the
      * constructor.
      *
      * @var string
      */
-    private $typo3tempPath;
+    private $basePath;
 
     /**
      * Path where to store our session files in typo3temp. %s will be
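Review bot: Install Tool session files written before this change stay in the old location under `typo3temp/`, because only the base path is switched and nothing visible here removes them. Since the commit's purpose is to get such files out of web-reachable paths, an upgrade step that deletes the old session directory would complete it. The docblock that starts on the last lines of this hunk is also stale and should read `* Path where to store our session files in typo3temp/var/. %s will be`; the rest of that docblock lies outside the hunk.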
@@ -65,7 +65,7 @@ class SessionService implements \TYPO3\CMS\Core\SingletonInterface
      */
     public function __construct()
     {
-        $this->typo3tempPath = PATH_site . 'typo3temp/';
+        $this->basePath = PATH_site . 'typo3temp/var/';
         // Start our PHP session early so that hasSession() works
         $sessionSavePath = $this->getSessionSavePath();
         // Register our "save" session handler
@@ -105,7 +105,7 @@ class SessionService implements \TYPO3\CMS\Core\SingletonInterface
             );
         }
         $sessionSavePath = sprintf(
-            $this->typo3tempPath . $this->sessionPath,
+            $this->basePath . $this->sessionPath,
             GeneralUtility::hmac('session:' . $GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'])
         );
         $this->ensureSessionSavePathExists($sessionSavePath);
@@ -406,7 +406,7 @@ class SessionService implements \TYPO3\CMS\Core\SingletonInterface
         $result = GeneralUtility::writeFile($sessionFile, $sessionData);
         if (!$result) {
             throw new Exception(
-                'Session file not writable. Please check permission on typo3temp/InstallToolSessions and its subdirectories.',
+                'Session file not writable. Please check permission on typo3temp/var/InstallToolSessions and its subdirectories.',
                 1424355157
             );
         }
diff --git a/typo3/sysext/install/Resources/Private/FolderStructureTemplateFiles/typo3temp-var-htaccess b/typo3/sysext/install/Resources/Private/FolderStructureTemplateFiles/typo3temp-var-htaccess
new file mode 100644
index 000000000000..104310d17e49
--- /dev/null
+++ b/typo3/sysext/install/Resources/Private/FolderStructureTemplateFiles/typo3temp-var-htaccess
@@ -0,0 +1,15 @@
+# This file restricts access to the typo3temp/var/ directory. It is
+# meant to protect temporary files which could contain sensible
+# information. Please do not touch.
+
+# Apache < 2.3
+<IfModule !mod_authz_core.c>
+	Order allow,deny
+	Deny from all
+	Satisfy All
+</IfModule>
+
+# Apache ≥ 2.3
+<IfModule mod_authz_core.c>
+	Require all denied
+</IfModule>
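Review bot: This file protects `typo3temp/var/` only when Apache is allowed to read it, and the header comment should say so and point to a server-level equivalent. With `AllowOverride None` the file is ignored without any error, and other web servers do not read it at all. A suggested extra header line is `# Only effective on Apache with AllowOverride enabled; other servers must deny access to typo3temp/var/ in their own configuration.` The header also says "sensible information" where "sensitive information" is meant.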
diff --git a/typo3/sysext/lang/Classes/Service/TerService.php b/typo3/sysext/lang/Classes/Service/TerService.php
index 6d1aca6e0f9d..75595baf7c89 100644
--- a/typo3/sysext/lang/Classes/Service/TerService.php
+++ b/typo3/sysext/lang/Classes/Service/TerService.php
@@ -132,7 +132,7 @@ class TerService extends TerUtility implements SingletonInterface
         try {
             $l10n = $this->fetchTranslation($extensionKey, $language, $mirrorUrl);
             if (is_array($l10n)) {
-                $absolutePathToZipFile = GeneralUtility::getFileAbsFileName('typo3temp/Language/' . $extensionKey . '-l10n-' . $language . '.zip');
+                $absolutePathToZipFile = GeneralUtility::getFileAbsFileName('typo3temp/var/transient/' . $extensionKey . '-l10n-' . $language . '.zip');
                 $relativeLanguagePath = 'l10n' . '/' . $language . '/';
                 $absoluteLanguagePath = GeneralUtility::getFileAbsFileName(PATH_typo3conf . $relativeLanguagePath);
                 $absoluteExtensionLanguagePath = GeneralUtility::getFileAbsFileName(PATH_typo3conf . $relativeLanguagePath . $extensionKey . '/');
diff --git a/typo3/sysext/rsaauth/Classes/Backend/CommandLineBackend.php b/typo3/sysext/rsaauth/Classes/Backend/CommandLineBackend.php
index bf4ed9620fdd..897679dbdc84 100644
--- a/typo3/sysext/rsaauth/Classes/Backend/CommandLineBackend.php
+++ b/typo3/sysext/rsaauth/Classes/Backend/CommandLineBackend.php
@@ -40,7 +40,7 @@ class CommandLineBackend extends AbstractBackend
     /**
      * Temporary directory. It is best of it is outside of the web site root and
      * not publicly readable.
-     * For now we use typo3temp/.
+     * For now we use typo3temp/var/ (stored in the variable without the trailing slash).
      *
      * @var string
      */
@@ -53,7 +53,6 @@ class CommandLineBackend extends AbstractBackend
     public function __construct()
     {
         $this->opensslPath = CommandUtility::getCommand('openssl');
-        $this->temporaryDirectory = PATH_site . 'typo3temp';
         // Get temporary directory from the configuration
         $extconf = unserialize($GLOBALS['TYPO3_CONF_VARS']['EXT']['extConf']['rsaauth']);
         if (
@@ -63,6 +62,8 @@ class CommandLineBackend extends AbstractBackend
             && is_writable($extconf['temporaryDirectory'])
         ) {
             $this->temporaryDirectory = $extconf['temporaryDirectory'];
+        } else {
+            $this->temporaryDirectory = PATH_site . 'typo3temp/var';
         }
     }
 
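Review bot: The new `else` branch assigns `PATH_site . 'typo3temp/var'` without the `is_writable()` check that the configured directory has to pass just above. The property docblock says this directory is best kept outside the web root and not publicly readable. If `typo3temp/var/` is missing or not covered by the access block, whatever this backend writes there either fails or ends up in a reachable path. An explicit existence and writability check on the fallback, ideally on a dedicated subdirectory, would make the failure visible; at minimum add `// relies on typo3temp/var/ existing and being denied by the web server`. The condition of the `if` starts outside the hunk.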
diff --git a/typo3/sysext/version/Classes/Hook/DataHandlerHook.php b/typo3/sysext/version/Classes/Hook/DataHandlerHook.php
index 80f6d5abc506..c4e42b88691a 100644
--- a/typo3/sysext/version/Classes/Hook/DataHandlerHook.php
+++ b/typo3/sysext/version/Classes/Hook/DataHandlerHook.php
@@ -825,7 +825,7 @@ class DataHandlerHook
             return;
         }
         // Lock file name:
-        $lockFileName = PATH_site . 'typo3temp/swap_locking/' . $table . ':' . $id . '.ser';
+        $lockFileName = PATH_site . 'typo3temp/var/swap_locking/' . $table . ':' . $id . '.ser';
         if (@is_file($lockFileName)) {
             $tcemainObj->newlog('A swapping lock file was present. Either another swap process is already running or a previous swap process failed. Ask your administrator to handle the situation.', 2);
             return;
-- 
GitLab