Source for file gid.php

Documentation is available at gid.php

  1. <?php
  2. /**
  3. * Test class for GID
  4. *
  5. * @package PhpSecInfo
  6. * @author Ed Finkler <coj@funkatron.com>
  7. */
  8.  
  9.  
  10. /**
  11. * require the PhpSecInfo_Test_Core class
  12. */
  13. require_once('PhpSecInfo/Test/Test_Core.php');
  14.  
  15.  
  16. /**
  17. * the minimum "safe" UID that php should be executing as. This can vary,
  18. * but in general 100 seems like a good min.
  19. *
  20. */
  21. define ('PHPSECINFO_MIN_SAFE_GID', 100);
  22.  
  23. /**
  24. * Test class for GID
  25. *
  26. * @package PhpSecInfo
  27. */
  28. class PhpSecInfo_Test_Core_Gid extends PhpSecInfo_Test_Core
  29. {
  30.  
  31. /**
  32. * This should be a <b>unique</b>, human-readable identifier for this test
  33. *
  34. * @var string
  35. */
  36. var $test_name = "group_id";
  37. var $recommended_value = PHPSECINFO_MIN_SAFE_GID;
  38. function _retrieveCurrentValue() {
  39. $this->current_value = getmygid();
  40. }
  41. /**
  42. * Checks the GID of the PHP process to make sure it is above PHPSECINFO_MIN_SAFE_GID
  43. *
  44. * @see PHPSECINFO_MIN_SAFE_GID
  45. */
  46. function _execTest() {
  47. if ($this->current_value >= $this->recommended_value) {
  48. return PHPSECINFO_TEST_RESULT_OK;
  49. }
  50. return PHPSECINFO_TEST_RESULT_WARN;
  51. }
  52. /**
  53. * Set the messages specific to this test
  54. *
  55. */
  56. function _setMessages() {
  57. parent::_setMessages();
  58. $this->setMessageForResult(PHPSECINFO_TEST_RESULT_OK, 'en', 'PHP is executing as what is probably a non-privileged group');
  59. $this->setMessageForResult(PHPSECINFO_TEST_RESULT_WARN, 'en', 'PHP may be executing as a "privileged" group, which could be a serious security vulnerability.');
  60. }
  61.  
  62. }

Documentation generated on Mon, 26 Feb 2007 10:49:58 -0500 by phpDocumentor 1.3.0RC3