author | Michael Boelen <michael.boelen@cisofy.com> | 2019-12-18 14:17:46 +0300 |
---|---|---|
committer | Michael Boelen <michael.boelen@cisofy.com> | 2019-12-18 14:17:46 +0300 |
commit | 09f29a5e64d4eb0fbbec2a0a503fa173a973b898 (patch) | |
tree | 18631dc8b10382e2eddb633d7fbcd03f3c87dbd1 /include/tests_php | |
parent | 94ba30e765d02ce638e01d731882f8b7086506e2 (diff) |
Code style improvement: quote argument
Diffstat (limited to 'include/tests_php')
-rw-r--r-- | include/tests_php | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/include/tests_php b/include/tests_php
index b58d1758..d84b181a 100644
--- a/include/tests_php
+++ b/include/tests_php
@@ -230,7 +230,7 @@
 if [ ${FOUND} -eq 0 ]; then
 LogText "Result: all PHP functions can be executed"
 Display --indent 4 --text "- Checking PHP disabled functions" --result "${STATUS_NONE}" --color YELLOW
- ReportSuggestion ${TEST_NO} "Harden PHP by disabling risky functions"
+ ReportSuggestion "${TEST_NO}" "Harden PHP by disabling risky functions"
 LogText "Functions of interest to research/disable: chown, diskfreespace, disk_free_space, disk_total_space, dl, exec, escapeshellarg, escapeshellcmd, fileinode, highlight_file, max_execution_time, passthru, pclose, phpinfo, popen, proc_close, proc_open, proc_get_status, proc_nice, proc_open, proc_terminate, set_time_limit, shell_exec, show_source, system)"
 AddHP 0 1
 else
@@ -268,8 +268,8 @@
 FIND=$(${EGREPBINARY} -i 'register_globals.*(on|yes|1)' ${PHPINIFILE} | ${GREPBINARY} -v '^;')
 if [ -n "${FIND}" ]; then
 Display --indent 4 --text "- Checking register_globals option" --result "${STATUS_WARNING}" --color RED
- ReportWarning ${TEST_NO} "PHP option register_globals option is turned on, which can be a risk for variable value overwriting"
- ReportSuggestion ${TEST_NO} "Change the register_globals line to: register_globals = Off"
+ ReportWarning "${TEST_NO}" "PHP option register_globals option is turned on, which can be a risk for variable value overwriting"
+ ReportSuggestion "${TEST_NO}" "Change the register_globals line to: register_globals = Off"
 LogText "Result: register_globals option is turned on, which can be a risk for variable value overwriting."
 AddHP 1 2
 else
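Review bot: The `LogText "Functions of interest to research/disable: ..."` context line in the hunk at line 230 lists `proc_open` twice, ends with a `)` that has no opening parenthesis, and includes `max_execution_time`, which is a php.ini directive rather than a function that `disable_functions` can act on. This line is the guidance an administrator reads alongside the suggestion, so I would clean the list up while the block is being touched. The enclosing `if` block starts and ends outside the hunk.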
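Review bot: In the hunk at line 268 the `FIND=` line still expands `${PHPINIFILE}` unquoted, so a php.ini path containing whitespace or glob characters would be word-split before egrep receives it; writing `'register_globals.*(on|yes|1)' "${PHPINIFILE}"` keeps it a single argument, matching what this commit does for `${TEST_NO}`. The tests `[ ${FOUND} -eq 0 ]` and `[ ${FOUND} -eq 1 ]` in the hunks at lines 230 and 302 have the same gap: with an empty FOUND the test fails with a syntax error and the `else` branch runs. The `else` branch of this block continues outside the hunk.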
@@ -302,7 +302,7 @@ if [ ${FOUND} -eq 1 ]; then Display --indent 4 --text "- Checking expose_php option" --result "${STATUS_ON}" --color RED - ReportSuggestion ${TEST_NO} "Turn off PHP information exposure" "expose_php = Off" "-" + ReportSuggestion "${TEST_NO}" "Turn off PHP information exposure" "expose_php = Off" "-" Report "Result: expose_php option is turned on, which can expose useful information for an attacker" AddHP 1 3 else @@ -325,7 +325,7 @@ if [ -n "${FIND}" ]; then Display --indent 4 --text "- Checking enable_dl option" --result "${STATUS_ON}" --color YELLOW Report "Result: enable_dl option is turned on, which can be used to enable more modules dynamically and circumventing security controls" - ReportSuggestion ${TEST_NO} "Change the enable_dl line to: enable_dl = Off, to disable dynamically loading new modules" + ReportSuggestion "${TEST_NO}" "Change the enable_dl line to: enable_dl = Off, to disable dynamically loading new modules" AddHP 0 1 else Display --indent 4 --text "- Checking enable_dl option" --result "${STATUS_OFF}" --color GREEN @@ -347,7 +347,7 @@ if [ -z "${FIND}" ]; then Display --indent 4 --text "- Checking allow_url_fopen option" --result "${STATUS_ON}" --color YELLOW LogText "Result: allow_url_fopen option is turned on, which can be used for downloads via PHP and is a security risk" - ReportSuggestion ${TEST_NO} "Change the allow_url_fopen line to: allow_url_fopen = Off, to disable downloads via PHP" + ReportSuggestion "${TEST_NO}" "Change the allow_url_fopen line to: allow_url_fopen = Off, to disable downloads via PHP" AddHP 0 1 else Display --indent 4 --text "- Checking allow_url_fopen option" --result "${STATUS_OFF}" --color GREEN 
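Review bot: The result line in the hunk at line 302 is written with `Report "Result: expose_php option is turned on, ..."`, while the hunks at lines 230, 268 and 347 use `LogText` for the same kind of free-text result. If `Report` writes to the machine-readable report file, as its name suggests, this puts an unstructured sentence there; `LogText "Result: expose_php option is turned on, which can expose useful information for an attacker"` would be consistent with the sibling checks. The same applies to the `Report "Result: ..."` lines in the hunks at lines 325 and 370.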
@@ -370,7 +370,7 @@
 if [ -z "${FIND}" ]; then
 Display --indent 4 --text "- Checking allow_url_include option" --result "${STATUS_ON}" --color YELLOW
 Report "Result: allow_url_include option is turned on, which can be used for downloads via PHP and is a risk"
- ReportSuggestion ${TEST_NO} "Change the allow_url_include line to: allow_url_include = Off, to disable downloads via PHP"
+ ReportSuggestion "${TEST_NO}" "Change the allow_url_include line to: allow_url_include = Off, to disable downloads via PHP"
 AddHP 0 1
 else
 Display --indent 4 --text "- Checking allow_url_include option" --result "${STATUS_OFF}" --color GREEN
@@ -419,7 +419,7 @@
 # if [ -n "${MAJOR_VERSION}" -a ${FOUND} -eq 1 ]; then
 # LogText "Test: Check Suhosin for PHP 7 is not enabled"
 # LogText "Result: Suhosin for PHP 7 is in alpha stage and should not be used in production"
- # ReportSuggestion ${TEST_NO} "Disable Suhosin for PHP 7"
+ # ReportSuggestion "${TEST_NO}" "Disable Suhosin for PHP 7"
 # Display --indent 4 --text "- Checking PHP suhosin extension status" --result "${STATUS_WARNING}" --color RED
 # Display --indent 6 --text "- Suhosin is enabled for PHP 7" --result "${STATUS_WARNING}" --color RED
 # AddHP 0 1
@@ -433,7 +433,7 @@
 # if [ ${FOUND} -eq 0 ]; then
 # LogText "Result: Suhosin extension is not enabled"
 # Display --indent 4 --text "- Checking PHP suhosin extension status" --result "${STATUS_WARNING}" --color RED
- # ReportSuggestion ${TEST_NO} "Harden PHP by enabling suhosin extension"
+ # ReportSuggestion "${TEST_NO}" "Harden PHP by enabling suhosin extension"
 # LogText "suhosin extension is not enabled"
 # AddHP 0 1
 # else
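Review bot: The suggestion text in the hunk at line 370 reuses the allow_url_fopen wording ("to disable downloads via PHP"), which understates what allow_url_include controls. That directive governs whether `include`/`require` accept URL wrappers, so the exposure is remote content being executed as PHP code, not a download. I would word it as `ReportSuggestion "${TEST_NO}" "Change the allow_url_include line to: allow_url_include = Off, to prevent including remote files as PHP code"` and adjust the `Result:` line above it to match, so the severity is clear to whoever reads the report.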
@@ -449,7 +449,7 @@
 # else
 # LogText "Result: Suhosin simulation mode is active"
 # Display --indent 6 --text "- Suhosin simulation mode status" --result "${STATUS_WARNING}" --color RED
- # ReportSuggestion ${TEST_NO} "Harden PHP by deactivating suhosin simulation mode"
+ # ReportSuggestion "${TEST_NO}" "Harden PHP by deactivating suhosin simulation mode"
 # LogText "suhosin simulation mode is active"
 # AddHP 0 1
 # fi |