
MDL-35238 Accept $CFG->alternativeupdateproviderurl from config.php file only

There was a potential security risk that someone with access to the Moodle
database could update mdl_config table and use it as a vector to
install malicious code on the server.

Credit goes to Dan Poltawski for raising this.
1 parent dc11af1 commit 56c05088e593e1ed6ed8ce849ee1f88e7a5c258e @mudrd8mz mudrd8mz committed Nov 8, 2012
Showing with 2 additions and 2 deletions.
  1. +2 −2 lib/pluginlib.php
@@ -987,8 +987,8 @@ protected function compare_responses(array $old, array $new) {
protected function prepare_request_url() {
global $CFG;
- if (!empty($CFG->alternativeupdateproviderurl)) {
- return $CFG->alternativeupdateproviderurl;
+ if (!empty($CFG->config_php_settings['alternativeupdateproviderurl'])) {
+ return $CFG->config_php_settings['alternativeupdateproviderurl'];
} else {
return 'http://download.moodle.org/api/1.1/updates.php';
}
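Review bot: the new lookup of $CFG->config_php_settings['alternativeupdateproviderurl'] in prepare_request_url() has no inline comment saying why the plain $CFG->alternativeupdateproviderurl property must not be read here, so a later cleanup could quietly restore the old form and reopen the mdl_config override described in the commit message. A one-line comment above the if, stating that the value is accepted from config.php only and not from the database, would protect the intent. Separately, the unchanged fallback in the else branch is still 'http://download.moodle.org/api/1.1/updates.php'; since the concern of this change is the integrity of the update source, moving that default to https would be a sensible follow-up, and the overridden value is returned without any check that it is a well-formed URL.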
