From 96a47e5d480e6c5b3aab1884a8536ec4b8ca2fab Mon Sep 17 00:00:00 2001
From: Andreas Gohr <gohr@cosmocode.de>
Date: Wed, 13 Jan 2010 09:20:36 +0100
Subject: [PATCH] fixed information leakage in ACL plugin FS#1847

---
 lib/plugins/acl/ajax.php | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/lib/plugins/acl/ajax.php b/lib/plugins/acl/ajax.php
index 54eaa8dc7..97fae2ad1 100644
--- a/lib/plugins/acl/ajax.php
+++ b/lib/plugins/acl/ajax.php
@@ -16,9 +16,11 @@ require_once(DOKU_INC.'inc/init.php');
 require_once(DOKU_INC.'inc/common.php');
 require_once(DOKU_INC.'inc/pageutils.php');
 require_once(DOKU_INC.'inc/auth.php');
-//close sesseion
+//close session
 session_write_close();
 
+if(!auth_ismanager()) die('forbidden');
+
 $ID    = getID();
 
 if(!auth_isadmin) die('for admins only');
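Review bot: The context line `if(!auth_isadmin) die('for admins only');` right below the new check references `auth_isadmin` without parentheses, so it is read as an undefined constant (the string 'auth_isadmin', always truthy) rather than a call; `!auth_isadmin` is never true and that guard has never fired, which is presumably the leak this commit closes. Now that `auth_ismanager()` is enforced before `getID()`, that dead line should be removed rather than left as a misleading second gate, or turned into a real call if a stricter admin-only requirement was intended (the ACL plugin is normally manager-accessible, so `auth_ismanager()` looks like the right level). It would also help to emit a status the AJAX caller can distinguish from a successful empty response before dying, e.g. `header('HTTP/1.0 403 Forbidden'); die('forbidden');`. The rest of the script runs past this hunk.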
@@ -42,6 +44,7 @@ if($ajax == 'info'){
     if($ns == '*'){
         $ns ='';
     }
+    $ns  = cleanID($ns);
     $lvl = count(explode(':',$ns));
     $ns  = utf8_encodeFN(str_replace(':','/',$ns));
 
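Review bot: The added `$ns = cleanID($ns);` is the line that keeps an attacker-supplied namespace from surviving into the filesystem path built two lines later by `str_replace(':','/',$ns)`, but nothing says so; a short why-comment such as `// normalise before it becomes a path: cleanID() drops characters that are not valid in an ID` would stop a later cleanup from moving or removing it. Whether cleanID() is also what strips `..` segments is not visible here — confirm and, if so, name that in the comment. This normalisation sits only inside the `$ajax == 'info'` branch, whose `if` opens before and closes after the hunk; if `$ns` is read from the request once at the top of the script and used by other branches, cleaning it at that single point would be the more robust place.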
-- 
GitLab