From c7e66ec848cfce75b8eb3f635f21255e3967def2 Mon Sep 17 00:00:00 2001
From: MichaIng <micha@dietpi.com>
Date: Thu, 26 Sep 2019 12:38:58 +0200
Subject: [PATCH] Add "Order" to assure that no parental "Allow" can grant
 access

Signed-off-by: MichaIng <micha@dietpi.com>
---
 lib/private/Setup.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lib/private/Setup.php b/lib/private/Setup.php
index 7811754ddce..3fbfc3da2ba 100644
--- a/lib/private/Setup.php
+++ b/lib/private/Setup.php
@@ -547,6 +547,7 @@ class Setup {
 		$content .= "  Require all denied\n";
 		$content .= "</IfModule>\n";
 		$content .= "<IfModule mod_access_compat.c>\n";
+		$content .= "  Order Allow,Deny";
 		$content .= "  Deny from all\n";
 		$content .= "  Satisfy All\n";
 		$content .= "</IfModule>\n\n";
@@ -554,6 +555,7 @@ class Setup {
 		$content .= "<IfModule !mod_authz_core.c>\n";
 		$content .= "  <IfModule !mod_access_compat.c>\n";
 		$content .= "    <IfModule mod_authz_host.c>\n";
+		$content .= "      Order Allow,Deny";
 		$content .= "      Deny from all\n";
 		$content .= "    <IifModule>\n";
 		$content .= "    Satisfy All\n";
-- 
GitLab