[DCOM-293] Fix security misconfiguration vulnerability that can lead …

…to local arbitrary code execution.
doctrine · Aug 31, 2015 · b3ae747 · b3ae747
1 parent 64e2a6a
commit b3ae747
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/lib/Doctrine/Common/Proxy/ProxyGenerator.php b/lib/Doctrine/Common/Proxy/ProxyGenerator.php
@@ -302,6 +302,7 @@ public function generateProxyClass(ClassMetadata $class, $fileName = false)
         $tmpFileName = $fileName . '.' . uniqid('', true);
 
         file_put_contents($tmpFileName, $proxyCode);
+        chmod($tmpFileName, 0664);
         rename($tmpFileName, $fileName);
     }