-
The ResourceStorage omits checks for the configured user and group permissions within the actions on that Storage. This patch refines some naming within the security methods as well as adding security checks to every method. PHP file extensions are now also removed from the text file extension list. Releases: 6.2, 6.1, 6.0 Fixes: #51079 Change-Id: I95a6d89da7eb2b6ea52afea1c49b1df8acb00707 Security-Commit: f5d926ec7a99098ad42117cf2e0b3b67dae057a4 Security-Bulletin: TYPO3-CORE-SA-2013-003 Reviewed-on: https://review.typo3.org/23595 Reviewed-by: Oliver Hader Tested-by: Oliver Hader
770b53e1
