Date: Sat, 31 Mar 2007 01:00:57 +0800 (CST) From: chinsan <chinsan@FreeBSD.org> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/111040: [NEW PORT] www/phpsecinfo: A PHP environment security auditing toool Message-ID: <20070330170057.2FF1211451@chinsan.twbbs.org> Resent-Message-ID: <200703301710.l2UHA5Gt027062@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 111040 >Category: ports >Synopsis: [NEW PORT] www/phpsecinfo: A PHP environment security auditing toool >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Fri Mar 30 17:10:05 GMT 2007 >Closed-Date: >Last-Modified: >Originator: chinsan >Release: FreeBSD 6.2-STABLE i386 >Organization: Taiwan >Environment: System: FreeBSD chinsan.twbbs.org 6.2-STABLE FreeBSD 6.2-STABLE #6: Mon Feb 5 23:22:25 CST >Description: ### WHAT IS PHPSECINFO? PHPSecInfo is a PHP environment security auditing tool modeled after the phpsecinfo() function. From a single function call, PHPSecInfo runs a series of tests on your PHP environment to identify potential security issues and offer suggestions. It can be useful as part of a multilayered security approach. #### WHAT IS PHPSECINFO NOT? * It is not a replacement for secure coding practices * It does not audit PHP code * It is not comprehensive test for either your hosting environment or your web application * It is not the "final word." PHPSecInfo identifies *potential* problems and offers suggestions for improvement. Your environment may _require_ certain settings that trigger cautions or warnings. WWW: http://phpsec.org/projects/phpsecinfo/ Generated with FreeBSD Port Tools 0.77 >How-To-Repeat: >Fix: --- phpsecinfo-0.2.0.shar begins here --- # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # phpsecinfo # phpsecinfo/Makefile # phpsecinfo/distinfo # phpsecinfo/pkg-descr # phpsecinfo/pkg-plist # echo c - phpsecinfo mkdir -p phpsecinfo > /dev/null 2>&1 echo x - phpsecinfo/Makefile sed 's/^X//' >phpsecinfo/Makefile << 'END-of-phpsecinfo/Makefile' X# New ports collection makefile for: phpsecinfo X# Date created: 2007/04/01 X# Whom: chinsan X# X# $FreeBSD$ X# X XPORTNAME= phpsecinfo XPORTVERSION= 0.2.0 XCATEGORIES= www security XMASTER_SITES= LOCAL/chinsan X XMAINTAINER= chinsan@FreeBSD.org XCOMMENT= A PHP environment security auditing toool X XUSE_ZIP= yes XUSE_PHP= pcre XWANT_PHP_WEB= yes XNO_BUILD= yes X XWRKSRC= ${WRKDIR}/${PORTNAME} XTEMP_PLIST= ${WRKDIR}/temp-pkg-plist X Xdo-install: X @${MKDIR} ${WWWDIR} X @${CP} -R ${WRKSRC}/ ${WWWDIR}/ X @${CHOWN} -R ${WWWOWN}:${WWWGROUP} ${WWWDIR} X X# This target is only meant to be used by the port maintainer. Xx-generate-plist: X @make makesum X @cd ${WRKSRC} && ${FIND} -s . -type f | \ X ${SED} -e 's|^./||;s|^|%%WWWDIR%%/|' > ${TEMP_PLIST} \ X && ${FIND} -d * -type d | \ X ${SED} -e 's|^|@dirrm %%WWWDIR%%/|' >> ${TEMP_PLIST} \ X && ${ECHO_CMD} "@dirrmtry %%WWWDIR%%" >> ${TEMP_PLIST} X X.include <bsd.port.mk> END-of-phpsecinfo/Makefile echo x - phpsecinfo/distinfo sed 's/^X//' >phpsecinfo/distinfo << 'END-of-phpsecinfo/distinfo' XMD5 (phpsecinfo-0.2.0.zip) = 0dbce77a2a6b761acc38302a248993f5 XSHA256 (phpsecinfo-0.2.0.zip) = 2783964dec26ed6d62fccdcacc073ca7d1ffb6696f24084cccccdb2d7779228c XSIZE (phpsecinfo-0.2.0.zip) = 229662 END-of-phpsecinfo/distinfo echo x - phpsecinfo/pkg-descr sed 's/^X//' >phpsecinfo/pkg-descr << 'END-of-phpsecinfo/pkg-descr' X### WHAT IS PHPSECINFO? XPHPSecInfo is a PHP environment security auditing tool modeled after the Xphpsecinfo() function. From a single function call, PHPSecInfo runs a Xseries of tests on your PHP environment to identify potential security Xissues and offer suggestions. It can be useful as part of a multilayered Xsecurity approach. X X X#### WHAT IS PHPSECINFO NOT? X* It is not a replacement for secure coding practices X* It does not audit PHP code X* It is not comprehensive test for either your hosting environment X or your web application X* It is not the "final word." PHPSecInfo identifies *potential* problems X and offers suggestions for improvement. Your environment may _require_ X certain settings that trigger cautions or warnings. X XWWW: http://phpsec.org/projects/phpsecinfo/ END-of-phpsecinfo/pkg-descr echo x - phpsecinfo/pkg-plist sed 's/^X//' >phpsecinfo/pkg-plist << 'END-of-phpsecinfo/pkg-plist' X%%WWWDIR%%/CHANGELOG X%%WWWDIR%%/LICENSE X%%WWWDIR%%/PhpSecInfo/PhpSecInfo.php X%%WWWDIR%%/PhpSecInfo/Test/CGI/force_redirect.php X%%WWWDIR%%/PhpSecInfo/Test/Core/allow_url_fopen.php X%%WWWDIR%%/PhpSecInfo/Test/Core/allow_url_include.php X%%WWWDIR%%/PhpSecInfo/Test/Core/display_errors.php X%%WWWDIR%%/PhpSecInfo/Test/Core/expose_php.php X%%WWWDIR%%/PhpSecInfo/Test/Core/file_uploads.php X%%WWWDIR%%/PhpSecInfo/Test/Core/gid.php X%%WWWDIR%%/PhpSecInfo/Test/Core/magic_quotes_gpc.php X%%WWWDIR%%/PhpSecInfo/Test/Core/memory_limit.php X%%WWWDIR%%/PhpSecInfo/Test/Core/open_basedir.php X%%WWWDIR%%/PhpSecInfo/Test/Core/post_max_size.php X%%WWWDIR%%/PhpSecInfo/Test/Core/register_globals.php X%%WWWDIR%%/PhpSecInfo/Test/Core/uid.php X%%WWWDIR%%/PhpSecInfo/Test/Core/upload_max_filesize.php X%%WWWDIR%%/PhpSecInfo/Test/Core/upload_tmp_dir.php X%%WWWDIR%%/PhpSecInfo/Test/Curl/file_support.php X%%WWWDIR%%/PhpSecInfo/Test/Session/save_path.php X%%WWWDIR%%/PhpSecInfo/Test/Session/use_trans_sid.php X%%WWWDIR%%/PhpSecInfo/Test/Test.php X%%WWWDIR%%/PhpSecInfo/Test/Test_Cgi.php X%%WWWDIR%%/PhpSecInfo/Test/Test_Core.php X%%WWWDIR%%/PhpSecInfo/Test/Test_Curl.php X%%WWWDIR%%/PhpSecInfo/Test/Test_Session.php X%%WWWDIR%%/README X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo.html X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test.html X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Cgi.html X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Cgi_Force_Redirect.html X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core.html X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Allow_Url_Fopen.html X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Allow_Url_Include.html X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Display_Errors.html X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Expose_Php.html X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_File_Uploads.html X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Gid.html X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Magic_Quotes_GPC.html X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Memory_Limit.html X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Open_Basedir.html X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Post_Max_Size.html X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Register_Globals.html X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Uid.html X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Upload_Max_Filesize.html X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Upload_Tmp_Dir.html X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Curl.html X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Curl_File_Support.html X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Session.html X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Session_Save_Path.html X%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Session_Use_Trans_Sid.html X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_PhpSecInfo_php.html X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_CGI_force_redirect_php.html X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_allow_url_fopen_php.html X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_allow_url_include_php.html X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_display_errors_php.html X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_expose_php_php.html X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_file_uploads_php.html X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_gid_php.html X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_magic_quotes_gpc_php.html X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_memory_limit_php.html X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_open_basedir_php.html X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_post_max_size_php.html X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_register_globals_php.html X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_uid_php.html X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_upload_max_filesize_php.html X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_upload_tmp_dir_php.html X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Curl_file_support_php.html X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Session_save_path_php.html X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Session_use_trans_sid_php.html X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Test_Cgi_php.html X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Test_Core_php.html X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Test_Curl_php.html X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Test_Session_php.html X%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Test_php.html X%%WWWDIR%%/docs/PhpSecInfo/_index_php.html X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoPhpSecInfo.php.html X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCGIforce_redirect.php.html X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoreallow_url_fopen.php.html X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoreallow_url_include.php.html X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoredisplay_errors.php.html X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoreexpose_php.php.html X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCorefile_uploads.php.html X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoregid.php.html X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoremagic_quotes_gpc.php.html X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCorememory_limit.php.html X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoreopen_basedir.php.html X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCorepost_max_size.php.html X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoreregister_globals.php.html X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoreuid.php.html X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoreupload_max_filesize.php.html X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoreupload_tmp_dir.php.html X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCurlfile_support.php.html X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestSessionsave_path.php.html X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestSessionuse_trans_sid.php.html X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestTest.php.html X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestTest_Cgi.php.html X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestTest_Core.php.html X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestTest_Curl.php.html X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestTest_Session.php.html X%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__index.php.html X%%WWWDIR%%/docs/blank.html X%%WWWDIR%%/docs/classtrees_PhpSecInfo.html X%%WWWDIR%%/docs/elementindex.html X%%WWWDIR%%/docs/elementindex_PhpSecInfo.html X%%WWWDIR%%/docs/errors.html X%%WWWDIR%%/docs/index.html X%%WWWDIR%%/docs/li_PhpSecInfo.html X%%WWWDIR%%/docs/media/banner.css X%%WWWDIR%%/docs/media/stylesheet.css X%%WWWDIR%%/docs/packages.html X%%WWWDIR%%/docs/todolist.html X%%WWWDIR%%/index.php X%%WWWDIR%%/phpdoc-build.conf X@dirrm %%WWWDIR%%/PhpSecInfo/Test/CGI X@dirrm %%WWWDIR%%/PhpSecInfo/Test/Core X@dirrm %%WWWDIR%%/PhpSecInfo/Test/Curl X@dirrm %%WWWDIR%%/PhpSecInfo/Test/Session X@dirrm %%WWWDIR%%/PhpSecInfo/Test X@dirrm %%WWWDIR%%/PhpSecInfo X@dirrm %%WWWDIR%%/docs/media X@dirrm %%WWWDIR%%/docs/PhpSecInfo X@dirrm %%WWWDIR%%/docs/__filesource X@dirrm %%WWWDIR%%/docs X@dirrmtry %%WWWDIR%% END-of-phpsecinfo/pkg-plist exit --- phpsecinfo-0.2.0.shar ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070330170057.2FF1211451>