projects / project / luci.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 0eb5661)
luci-base: whitelist file/write actions on /etc/rc.local
authorJo-Philipp Wich <jo@mein.io>
Thu, 12 Sep 2019 12:42:12 +0000 (14:42 +0200)
committerJo-Philipp Wich <jo@mein.io>
Thu, 12 Sep 2019 12:42:12 +0000 (14:42 +0200)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json patch | blob | history

diff --git a/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json b/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json
index a0852eaec575d3f93873a3db190dec4da8fc42dc..f2ee7ce2c3f4d6f9f759876b5d73a16e01a80ff2 100644 (file)
--- a/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json
+++ b/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json
@@ -23,6 +23,7 @@
                        "file": {
                                "/": [ "list" ],
                                "/*": [ "list" ],
+                               "/etc/rc.local": [ "read" ],
                                "/proc/sys/kernel/hostname": [ "read" ]
                        },
                        "ubus": {
@@ -39,10 +40,11 @@
                "write": {
                        "cgi-io": [ "upload", "/etc/luci-uploads/*" ],
                        "file": {
-                               "/etc/luci-uploads/*": [ "write" ]
+                               "/etc/luci-uploads/*": [ "write" ],
+                               "/etc/rc.local": [ "write" ]
                        },
                        "ubus": {
-                               "file": [ "remove" ],
+                               "file": [ "write", "remove" ],
                                "iwinfo": [ "scan" ],
                                "luci": [ "setInitAction", "setLocaltime" ],
                                "uci": [ "add", "apply", "confirm", "delete", "order", "set", "rename" ]
Lua Configuration Interface (mirror)