Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Start the security audit by checking to see if the repos it public or private. |
|---|---|
| Downloads: | Tarball | ZIP archive |
| Timelines: | family | ancestors | descendants | both | security-audit |
| Files: | files | file ages | folders |
| SHA3-256: |
7f29e2640ab5d1dc7271dad859c608bc |
| User & Date: | drh 2017-06-30 15:17:56.989 |
Context
|
2017-06-30
| ||
| 16:13 | Many new permission checks for the security-audit page. ... (Closed-Leaf check-in: c12ffe2c user: drh tags: security-audit) | |
| 15:17 | Start the security audit by checking to see if the repos it public or private. ... (check-in: 7f29e264 user: drh tags: security-audit) | |
| 13:36 | Add a stub for the Security Audit page. ... (check-in: c5504029 user: drh tags: security-audit) | |
Changes
Changes to src/security_audit.c.
| ︙ | ︙ | |||
18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 |
** This file implements various web pages use for running a security audit
** of a Fossil configuration.
*/
#include "config.h"
#include <assert.h>
#include "security_audit.h"
/*
** WEBPAGE: secaudit0
**
** Run a security audit of the current Fossil setup.
** This page requires administrator access
*/
void secaudit0_page(void){
login_check_credentials();
if( !g.perm.Setup && !g.perm.Admin ){
login_needed(0);
return;
}
style_header("Security Audit");
| > > > > > > > > > > > > > > > > | > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 |
** This file implements various web pages use for running a security audit
** of a Fossil configuration.
*/
#include "config.h"
#include <assert.h>
#include "security_audit.h"
/*
** Return TRUE if any of the capability letters in zTest are found
** in the capability string zCap.
*/
static int hasAnyCap(const char *zCap, const char *zTest){
while( zTest[0] ){
if( strchr(zCap, zTest[0]) ) return 1;
zTest++;
}
return 0;
}
/*
** WEBPAGE: secaudit0
**
** Run a security audit of the current Fossil setup.
** This page requires administrator access
*/
void secaudit0_page(void){
const char *zAnonCap; /* Capabilities of user "anonymous" and "nobody" */
const char *zPubPages; /* GLOB pattern for public pages */
login_check_credentials();
if( !g.perm.Setup && !g.perm.Admin ){
login_needed(0);
return;
}
style_header("Security Audit");
@ <ol>
/* Step 1: Determine if the repository is public or private. "Public"
** means that any anonymous user on the internet can access all content.
** "Private" repos require (non-anonymous) login to access all content,
** though some content may be accessible anonymously.
*/
zAnonCap = db_text("", "SELECT group_concat(coalesce(cap,'')) FROM user"
" WHERE login IN ('anonymous','nobody')");
zPubPages = db_get("public-pages",0);
if( hasAnyCap(zAnonCap,"as") ){
@ <li><p>This repository is <big><b>Wildly INSECURE</b></big> because
@ it grants administrator privileges to anonymous users. You
@ should <a href="takeitprivate">take this repository private</a>
@ immediately! Or, at least remove the Setup and Admin privileges
@ for users "anonymous" and "login" on the
@ <a href="setup_ulist">User Configuration</a> page.
}else if( hasAnyCap(zAnonCap,"y") ){
@ <li><p>This repository is <big><b>INSECURE</b></big> because
@ it allows anonymous users to push unversioned files. You can
@ fix this by <a href="takeitprivate">taking the repository private</a>
@ or by removing the "y" permission from users "anonymous" and
@ "nobody" on the <a href="setup_ulist">User Configuration</a> page.
}else if( hasAnyCap(zAnonCap,"goz") ){
@ <li><p>This repository is <big><b>PUBLIC</b></big>. All
@ checked-in content can be accessed by anonymous passers-by on the
@ internet. <a href="takeitprivate">Take it private</a>.<p>
}else if( !hasAnyCap(zAnonCap, "jry") && (zPubPages==0 || zPubPages[0]==0) ){
@ <li><p>This repository is <big><b>Completely PRIVATE</b></big>.
@ A valid login and password is required to access any content.
}else{
@ <li><p>This repository is <big><b>Mostly PRIVATE</b></big>.
@ A valid login and password is usually required, however some
@ content can be accessed anonymously:
@ <ul>
if( zPubPages && zPubPages[0] ){
@ <li> URLs that matches one of these GLOB patterns:
@ "%h(zPubPages)" (Change this using the "Public pages" setting
@ on the <a href="setup_access">Access Settings</a> page.)
}
if( hasAnyCap(zAnonCap,"j") ){
@ <li> Wiki pages
}
if( hasAnyCap(zAnonCap,"r") ){
@ <li> Tickets
}
@ </ul>
}
style_footer();
}
/*
** WEBPAGE: takeitprivate
**
** Disable anonymous access to this website
*/
void takeitprivate_page(void){
login_check_credentials();
if( !g.perm.Setup && !g.perm.Admin ){
login_needed(0);
return;
}
if( P("cancel") ){
/* User pressed the cancel button. Go back */
cgi_redirect("secaudit0");
}
if( P("apply") ){
db_multi_exec(
"UPDATE user SET cap=''"
" WHERE login IN ('nobody','anonymous');"
"DELETE FROM config WHERE name='public-pages';"
);
cgi_redirect("secaudit0");
}
style_header("Make This Website Private");
@ <p>Click the "Make It Private" button below to disable all
@ anonymous access to this repository. A valid login and password
@ will be required to access this repository after clicking that
@ button.</p>
@
@ <p>Click the "Cancel" button to leave things as they are.</p>
@
@ <form action="%s(g.zPath)" method="post">
@ <input type="submit" name="apply" value="Make It Private">
@ <input type="submit" name="cancel" value="Cancel">
@ </form>
style_footer();
}
|