[TYPO3-core] RFC: allow access from private nets

Martin Kutschker Martin.Kutschker at n0spam-blackbox.net
Wed Jun 7 16:39:43 CEST 2006


Michael Stucki wrote:
> Hi Martin,
> 
> I think that instead of allowing a whole network to access the install tool,
> it would be much better to allow access based on the existence of a simple
> file.
> 
> The attached patch removes the IP check in the install tool and just checks
> for the existence of typo3conf/ENABLE_INSTALL_TOOL instead.
> 
> This is very useful for mass hosters who share one TYPO3 source for many
> sites. Also it allows install tool access without having to edit the source
> code.

Having this file in typo3conf won't help much for the hosters themselves. 
But it's great that we can avoid the fiddling with the code.

> I don't see any problems with the change since you still need filesystem
> access. Opinions?

Has the installer access to t3lib? If so, it could read the file. If it 
finds IP ranges in it (like SYS[devIPmask]) it could verify the client's IP 
address against it. If no IP is found, all addresses are allowed.

Why did you change the "1==0" comparison to "1==2"? IMHO this can be 
removed. Those who know PHP may change the code the way they like.

Masi

PS:

We could add those masks to the debug IP range:

SYS[devIPmask] = '10.*,72.16.*,192.168.*,127.0.0.1'
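
The check proposed in the message above (a flag file in typo3conf that may also hold IP masks in the SYS[devIPmask] style), as an added example that is not part of the original mail, the attached patch, or TYPO3. The function names and the flag-file format are assumptions, and the sample masks and addresses are constructed.

```php
<?php
// Added example, not TYPO3 code: function names and the flag-file format
// (comma-separated masks as in SYS[devIPmask]) are assumptions.

// Octet-wise IPv4 match so that "10.*" cannot match "100.1.2.3".
function ipMatchesMask(string $ip, string $mask): bool
{
    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
        return false;
    }
    $ipParts = explode('.', $ip);
    $maskParts = explode('.', $mask);
    if (count($maskParts) > 4) {
        return false;
    }
    foreach ($maskParts as $i => $part) {
        if ($part !== '*' && $part !== $ipParts[$i]) {
            return false;
        }
    }
    // A short mask is accepted only when it ends in a wildcard.
    return count($maskParts) === 4 || end($maskParts) === '*';
}

// Flag file absent or unreadable: locked. Present without masks: any address.
function installToolAllowed(string $flagFile, string $clientIp): bool
{
    $content = is_file($flagFile) ? file_get_contents($flagFile) : false;
    if ($content === false) {
        return false;
    }
    $masks = array_filter(array_map('trim', explode(',', $content)), 'strlen');
    if ($masks === []) {
        return true;
    }
    foreach ($masks as $mask) {
        if (ipMatchesMask($clientIp, $mask)) {
            return true;
        }
    }
    return false;
}

// Constructed demo: temporary flag file with sample masks.
$flag = tempnam(sys_get_temp_dir(), 'ENABLE_INSTALL_TOOL');
file_put_contents($flag, "10.*,192.168.*,127.0.0.1\n");
foreach (['10.1.2.3', '100.1.2.3', '192.168.0.7', '203.0.113.9'] as $ip) {
    echo $ip, ' => ', installToolAllowed($flag, $ip) ? 'allowed' : 'denied', "\n";
}
unlink($flag);
```

In the install tool the client address would come from `$_SERVER['REMOTE_ADDR']`; forwarded-for headers are client-supplied and should not feed this check.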


