From db096e9b494f6d71087eba1b4bd22ca452996cae Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Fri, 8 Jan 2010 08:27:47 +0000
Subject: [PATCH] openidProvider: Change the default directory for the data
 store.

The default configuration uses a directory in /tmp, which may allow
an user to create this directory before simpleSAMLphp attempts to
create it. This can allow the user to overwrite files the webserver has
access to.

This patch changes the default directory.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2084 44740490-163a-0410-bde0-09ae8108e29a
---
 .../openidProvider/config-template/module_openidProvider.php    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/openidProvider/config-template/module_openidProvider.php b/modules/openidProvider/config-template/module_openidProvider.php
index ce391ebe9..2222e55e6 100644
--- a/modules/openidProvider/config-template/module_openidProvider.php
+++ b/modules/openidProvider/config-template/module_openidProvider.php
@@ -12,6 +12,6 @@ $config = array(
 	'username_attribute' => 'uid',
 
 	/* The directory where OpenID data is stored. */
-	'filestore' => '/tmp/ssp-openid-provider',
+	'filestore' => '/var/lib/simplesamlphp-openid-provider',
 
 );
-- 
GitLab