ports/111040: [NEW PORT] www/phpsecinfo: A PHP environment security auditing tool

chinsan chinsan at FreeBSD.org
Fri Mar 30 17:10:06 UTC 2007


>Number:         111040
>Category:       ports
>Synopsis:       [NEW PORT] www/phpsecinfo: A PHP environment security auditing tool
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Fri Mar 30 17:10:05 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator:     chinsan
>Release:        FreeBSD 6.2-STABLE i386
>Organization:
Taiwan
>Environment:
System: FreeBSD chinsan.twbbs.org 6.2-STABLE FreeBSD 6.2-STABLE #6: Mon Feb  5 23:22:25 CST
>Description:
### WHAT IS PHPSECINFO?
PHPSecInfo is a PHP environment security auditing tool modeled after the
phpsecinfo() function.  From a single function call, PHPSecInfo runs a
series of tests on your PHP environment to identify potential security
issues and offer suggestions.  It can be useful as part of a multilayered
security approach.


#### WHAT IS PHPSECINFO NOT?
* It is not a replacement for secure coding practices
* It does not audit PHP code
* It is not a comprehensive test for either your hosting environment
  or your web application
* It is not the "final word."  PHPSecInfo identifies *potential* problems
  and offers suggestions for improvement.  Your environment may _require_
  certain settings that trigger cautions or warnings.

WWW: http://phpsec.org/projects/phpsecinfo/

Generated with FreeBSD Port Tools 0.77
>How-To-Repeat:
>Fix:

--- phpsecinfo-0.2.0.shar begins here ---
# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#	phpsecinfo
#	phpsecinfo/Makefile
#	phpsecinfo/distinfo
#	phpsecinfo/pkg-descr
#	phpsecinfo/pkg-plist
#
echo c - phpsecinfo
mkdir -p phpsecinfo > /dev/null 2>&1
echo x - phpsecinfo/Makefile
sed 's/^X//' >phpsecinfo/Makefile << 'END-of-phpsecinfo/Makefile'
X# New ports collection makefile for:	phpsecinfo
X# Date created:				2007/04/01
X# Whom:					chinsan
X#
X# $FreeBSD$
X#
X
XPORTNAME=	phpsecinfo
XPORTVERSION=	0.2.0
XCATEGORIES=	www security
XMASTER_SITES=	LOCAL/chinsan
X
XMAINTAINER=	chinsan@FreeBSD.org
XCOMMENT=	A PHP environment security auditing tool
X
XUSE_ZIP=	yes
XUSE_PHP=	pcre
XWANT_PHP_WEB=	yes
XNO_BUILD=	yes
X
XWRKSRC=		${WRKDIR}/${PORTNAME}
XTEMP_PLIST=	${WRKDIR}/temp-pkg-plist
X
Xdo-install:
X	@${MKDIR} ${WWWDIR}
X	@${CP} -R ${WRKSRC}/ ${WWWDIR}/
X	@${CHOWN} -R ${WWWOWN}:${WWWGROUP} ${WWWDIR}
X
X# This target is only meant to be used by the port maintainer.
Xx-generate-plist:
X	@${MAKE} makesum
X	@cd ${WRKSRC} && ${FIND} -s . -type f | \
X		${SED} -e 's|^./||;s|^|%%WWWDIR%%/|' > ${TEMP_PLIST} \
X		&& ${FIND} -d * -type d | \
X		${SED} -e 's|^|@dirrm %%WWWDIR%%/|' >> ${TEMP_PLIST} \
X		&& ${ECHO_CMD} "@dirrmtry %%WWWDIR%%" >> ${TEMP_PLIST}
X
X.include <bsd.port.mk>
END-of-phpsecinfo/Makefile
echo x - phpsecinfo/distinfo
sed 's/^X//' >phpsecinfo/distinfo << 'END-of-phpsecinfo/distinfo'
XMD5 (phpsecinfo-0.2.0.zip) = 0dbce77a2a6b761acc38302a248993f5
XSHA256 (phpsecinfo-0.2.0.zip) = 2783964dec26ed6d62fccdcacc073ca7d1ffb6696f24084cccccdb2d7779228c
XSIZE (phpsecinfo-0.2.0.zip) = 229662
END-of-phpsecinfo/distinfo
echo x - phpsecinfo/pkg-descr
sed 's/^X//' >phpsecinfo/pkg-descr << 'END-of-phpsecinfo/pkg-descr'
X### WHAT IS PHPSECINFO?
XPHPSecInfo is a PHP environment security auditing tool modeled after the
Xphpsecinfo() function.  From a single function call, PHPSecInfo runs a
Xseries of tests on your PHP environment to identify potential security
Xissues and offer suggestions.  It can be useful as part of a multilayered
Xsecurity approach.
X
X
X#### WHAT IS PHPSECINFO NOT?
X* It is not a replacement for secure coding practices
X* It does not audit PHP code
X* It is not a comprehensive test for either your hosting environment
X  or your web application
X* It is not the "final word."  PHPSecInfo identifies *potential* problems
X  and offers suggestions for improvement.  Your environment may _require_
X  certain settings that trigger cautions or warnings.
X
XWWW: http://phpsec.org/projects/phpsecinfo/
END-of-phpsecinfo/pkg-descr
echo x - phpsecinfo/pkg-plist
sed 's/^X//' >phpsecinfo/pkg-plist << 'END-of-phpsecinfo/pkg-plist'
X%%WWWDIR%%/CHANGELOG
X%%WWWDIR%%/LICENSE
X%%WWWDIR%%/PhpSecInfo/PhpSecInfo.php
X%%WWWDIR%%/PhpSecInfo/Test/CGI/force_redirect.php
X%%WWWDIR%%/PhpSecInfo/Test/Core/allow_url_fopen.php
X%%WWWDIR%%/PhpSecInfo/Test/Core/allow_url_include.php
X%%WWWDIR%%/PhpSecInfo/Test/Core/display_errors.php
X%%WWWDIR%%/PhpSecInfo/Test/Core/expose_php.php
X%%WWWDIR%%/PhpSecInfo/Test/Core/file_uploads.php
X%%WWWDIR%%/PhpSecInfo/Test/Core/gid.php
X%%WWWDIR%%/PhpSecInfo/Test/Core/magic_quotes_gpc.php
X%%WWWDIR%%/PhpSecInfo/Test/Core/memory_limit.php
X%%WWWDIR%%/PhpSecInfo/Test/Core/open_basedir.php
X%%WWWDIR%%/PhpSecInfo/Test/Core/post_max_size.php
X%%WWWDIR%%/PhpSecInfo/Test/Core/register_globals.php
X%%WWWDIR%%/PhpSecInfo/Test/Core/uid.php
X%%WWWDIR%%/PhpSecInfo/Test/Core/upload_max_filesize.php
X%%WWWDIR%%/PhpSecInfo/Test/Core/upload_tmp_dir.php
X%%WWWDIR%%/PhpSecInfo/Test/Curl/file_support.php
X%%WWWDIR%%/PhpSecInfo/Test/Session/save_path.php
X%%WWWDIR%%/PhpSecInfo/Test/Session/use_trans_sid.php
X%%WWWDIR%%/PhpSecInfo/Test/Test.php
X%%WWWDIR%%/PhpSecInfo/Test/Test_Cgi.php
X%%WWWDIR%%/PhpSecInfo/Test/Test_Core.php
X%%WWWDIR%%/PhpSecInfo/Test/Test_Curl.php
X%%WWWDIR%%/PhpSecInfo/Test/Test_Session.php
X%%WWWDIR%%/README
X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo.html
X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test.html
X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Cgi.html
X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Cgi_Force_Redirect.html
X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core.html
X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Allow_Url_Fopen.html
X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Allow_Url_Include.html
X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Display_Errors.html
X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Expose_Php.html
X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_File_Uploads.html
X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Gid.html
X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Magic_Quotes_GPC.html
X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Memory_Limit.html
X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Open_Basedir.html
X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Post_Max_Size.html
X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Register_Globals.html
X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Uid.html
X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Upload_Max_Filesize.html
X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Upload_Tmp_Dir.html
X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Curl.html
X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Curl_File_Support.html
X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Session.html
X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Session_Save_Path.html
X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Session_Use_Trans_Sid.html
X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_PhpSecInfo_php.html
X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_CGI_force_redirect_php.html
X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_allow_url_fopen_php.html
X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_allow_url_include_php.html
X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_display_errors_php.html
X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_expose_php_php.html
X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_file_uploads_php.html
X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_gid_php.html
X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_magic_quotes_gpc_php.html
X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_memory_limit_php.html
X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_open_basedir_php.html
X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_post_max_size_php.html
X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_register_globals_php.html
X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_uid_php.html
X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_upload_max_filesize_php.html
X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_upload_tmp_dir_php.html
X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Curl_file_support_php.html
X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Session_save_path_php.html
X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Session_use_trans_sid_php.html
X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Test_Cgi_php.html
X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Test_Core_php.html
X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Test_Curl_php.html
X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Test_Session_php.html
X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Test_php.html
X%%WWWDIR%%/docs/PhpSecInfo/_index_php.html
X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoPhpSecInfo.php.html
X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCGIforce_redirect.php.html
X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoreallow_url_fopen.php.html
X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoreallow_url_include.php.html
X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoredisplay_errors.php.html
X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoreexpose_php.php.html
X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCorefile_uploads.php.html
X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoregid.php.html
X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoremagic_quotes_gpc.php.html
X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCorememory_limit.php.html
X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoreopen_basedir.php.html
X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCorepost_max_size.php.html
X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoreregister_globals.php.html
X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoreuid.php.html
X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoreupload_max_filesize.php.html
X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoreupload_tmp_dir.php.html
X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCurlfile_support.php.html
X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestSessionsave_path.php.html
X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestSessionuse_trans_sid.php.html
X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestTest.php.html
X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestTest_Cgi.php.html
X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestTest_Core.php.html
X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestTest_Curl.php.html
X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestTest_Session.php.html
X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__index.php.html
X%%WWWDIR%%/docs/blank.html
X%%WWWDIR%%/docs/classtrees_PhpSecInfo.html
X%%WWWDIR%%/docs/elementindex.html
X%%WWWDIR%%/docs/elementindex_PhpSecInfo.html
X%%WWWDIR%%/docs/errors.html
X%%WWWDIR%%/docs/index.html
X%%WWWDIR%%/docs/li_PhpSecInfo.html
X%%WWWDIR%%/docs/media/banner.css
X%%WWWDIR%%/docs/media/stylesheet.css
X%%WWWDIR%%/docs/packages.html
X%%WWWDIR%%/docs/todolist.html
X%%WWWDIR%%/index.php
X%%WWWDIR%%/phpdoc-build.conf
X@dirrm %%WWWDIR%%/PhpSecInfo/Test/CGI
X@dirrm %%WWWDIR%%/PhpSecInfo/Test/Core
X@dirrm %%WWWDIR%%/PhpSecInfo/Test/Curl
X@dirrm %%WWWDIR%%/PhpSecInfo/Test/Session
X@dirrm %%WWWDIR%%/PhpSecInfo/Test
X@dirrm %%WWWDIR%%/PhpSecInfo
X@dirrm %%WWWDIR%%/docs/media
X@dirrm %%WWWDIR%%/docs/PhpSecInfo
X@dirrm %%WWWDIR%%/docs/__filesource
X@dirrm %%WWWDIR%%/docs
X@dirrmtry %%WWWDIR%%
END-of-phpsecinfo/pkg-plist
exit
--- phpsecinfo-0.2.0.shar ends here ---

>Release-Note:
>Audit-Trail:
>Unformatted:


