Given a combination of unfortunate conditions, like this:
- Bad ini settings, such as CacheDir=/
- The patch for related issue #17097 is not applied
- The option --purge is used
- ezcache.php is run as root
...it is possible to end up deleting the system wide root directory of a unix system, i.e. destroying the system. We can't make a complete fix for this because the settings allow you to use cache directories outside of the eZ Publish directory, and we can't (shouldn't) block the use of the root user. However, the patch reduces the chance of this happening by showing a list of dangerous directories and requiring the user to confirm them.
A directory is considered dangerous if it is outside of the eZ Publish directory, and has less than two path elements:
- Dangerous: /foo
- OK: /foo/bar
Root directories (like / and C:) will be refused.