Subversion Repositories ggsysinfo

[/] [modules/] [sysinfo/] [lib/] [PhpSecInfo/] [Test/] [Core/] [uid.php] - Blame information for rev 123

Details | Compare with Previous | View Log

Line No. Rev Author Line
1 123 gg
<?php
2
/**
3
 * Test class for UID
4
 *
5
 * @package PhpSecInfo
6
 * @author Ed Finkler <coj@funkatron.com>
7
 */
8
 
9
 
10
/**
11
 * require the PhpSecInfo_Test_Core class
12
 */
13
require_once(PHPSECINFO_BASE_DIR.'/Test/Test_Core.php');
14
 
15
 
16
/**
17
 * the minimum "safe" UID that php should be executing as.  This can vary,
18
 * but in general 100 seems like a good min.
19
 *
20
 */
21
define ('PHPSECINFO_MIN_SAFE_UID', 100);
22
 
23
/**
24
 * Test class for UID
25
 *
26
 * @package PhpSecInfo
27
 */
28
class PhpSecInfo_Test_Core_Uid extends PhpSecInfo_Test_Core
29
{
30
 
31
        /**
32
         * This should be a <b>unique</b>, human-readable identifier for this test
33
         *
34
         * @var string
35
         */
36
        var $test_name = "user_id";
37
 
38
        var $recommended_value = PHPSECINFO_MIN_SAFE_UID;
39
 
40
        /**
41
         * This test only works under Unix OSes
42
         *
43
         * @return boolean
44
         */
45
        function isTestable() {
46
                if ($this->osIsWindows()) {
47
                        return false;
48
                } elseif ($this->getUnixId() === false) {
49
                    $this->setMessageForResult(PHPSECINFO_TEST_RESULT_NOTRUN, 'en', 'Functions required to retrieve user ID not available');
50
                    return false;
51
                }
52
                return true;
53
        }
54
 
55
 
56
        function _retrieveCurrentValue() {
57
                $id = $this->getUnixId();
58
        if (is_array($id)) {
59
            $this->current_value = $id['uid'];
60
        } else {
61
            $this->current_value = false;
62
        }
63
 
64
        }
65
 
66
        /**
67
         * Checks the GID of the PHP process to make sure it is above PHPSECINFO_MIN_SAFE_UID
68
         *
69
         * @see PHPSECINFO_MIN_SAFE_UID
70
         */
71
        function _execTest() {
72
                if ($this->current_value >= $this->recommended_value) {
73
                        return PHPSECINFO_TEST_RESULT_OK;
74
                }
75
 
76
                return PHPSECINFO_TEST_RESULT_WARN;
77
        }
78
 
79
 
80
        /**
81
         * Set the messages specific to this test
82
         *
83
         */
84
        function _setMessages() {
85
                parent::_setMessages();
86
 
87
                $this->setMessageForResult(PHPSECINFO_TEST_RESULT_OK, 'en', 'PHP is executing as what is probably a non-privileged user');
88
                $this->setMessageForResult(PHPSECINFO_TEST_RESULT_WARN, 'en', 'PHP may be executing as a "privileged" user, which could be a serious security vulnerability.');
89
                $this->setMessageForResult(PHPSECINFO_TEST_RESULT_NOTRUN, 'en', 'This test will not run on Windows OSes');
90
        }
91
 
92
 
93
}