Index: includes/file.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/file.inc,v
retrieving revision 1.80
diff -u -F^f -r1.80 file.inc
--- includes/file.inc	6 Aug 2006 22:49:27 -0000	1.80
+++ includes/file.inc	9 Aug 2006 14:07:09 -0000
@@ -228,7 +228,7 @@ function file_check_upload($source = 'up
     $file->filemime = $_FILES["edit"]["type"][$source];
 
     // Rename potentially executable files, to help prevent exploits.
-    if (((substr($file->filemime, 0, 5) == 'text/' || strpos($file->filemime, 'javascript')) && (substr($file->filename, -4) != '.txt')) || preg_match('/\.(php|pl|py|cgi|asp)$/i', $file->filename)) {
+    if ((!user_access('bypass safety checks')) && (((substr($file->filemime, 0, 5) == 'text/' || strpos($file->filemime, 'javascript')) && (substr($file->filename, -4) != '.txt')) || preg_match('/\.(php|pl|py|cgi|asp)$/i', $file->filename))) {
       $file->filemime = 'text/plain';
       $file->filepath .= '.txt';
       $file->filename .= '.txt';
Index: modules/upload/upload.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/upload/upload.module,v
retrieving revision 1.117
diff -u -F^f -r1.117 upload.module
--- modules/upload/upload.module	7 Aug 2006 15:04:15 -0000	1.117
+++ modules/upload/upload.module	9 Aug 2006 14:07:10 -0000
@@ -35,7 +35,7 @@ function upload_help($section) {
  * Implementation of hook_perm().
  */
 function upload_perm() {
-  return array('upload files', 'view uploaded files');
+  return array('bypass safety checks', 'upload files', 'view uploaded files');
 }
 
 /**