From b3ae747e4e63d8785b745762830850160eac2ab4 Mon Sep 17 00:00:00 2001
From: Benjamin Eberlei <kontakt@beberlei.de>
Date: Mon, 31 Aug 2015 14:20:35 +0200
Subject: [PATCH] [DCOM-293] Fix security misconfiguration vulnerability that
 can lead to local arbitrary code execution.

---
 lib/Doctrine/Common/Proxy/ProxyGenerator.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/Doctrine/Common/Proxy/ProxyGenerator.php b/lib/Doctrine/Common/Proxy/ProxyGenerator.php
index 4c5a239a4..3941f17e4 100644
--- a/lib/Doctrine/Common/Proxy/ProxyGenerator.php
+++ b/lib/Doctrine/Common/Proxy/ProxyGenerator.php
@@ -302,6 +302,7 @@ public function generateProxyClass(ClassMetadata $class, $fileName = false)
         $tmpFileName = $fileName . '.' . uniqid('', true);
 
         file_put_contents($tmpFileName, $proxyCode);
+        chmod($tmpFileName, 0664);
         rename($tmpFileName, $fileName);
     }