museum-digital/MD_STD
40
0
Fork 1
Code Issues 1 Pull Requests Releases Wiki Activity

Add class for enforcing explicit security instructions in any publicly accessible script #3

New Issue
Closed
opened 2020-11-11 11:28:42 +01:00 by jrenslin · 0 comments
jrenslin commented 2020-11-11 11:28:42 +01:00
Owner
Copy Link
Copy Source

PHP can be locked down dynamically far beyond what we can do on a server / vhost level. In some scripts, this has been done already.
A class, of which one instance is initialized in the bootstrap file and which throws erros in case no security and resource allocation instructions have been specified would improve the general security of the code.

Dynamic enforcing of security-related PHP settings is mainly focused on resource allocation and e.g. file uploads.
See: https://www.php.net/manual/en/function.ini-set.php

PHP can be locked down dynamically far beyond what we can do on a server / vhost level. In some scripts, this has been done already. A class, of which one instance is initialized in the bootstrap file and which throws erros in case no security and resource allocation instructions have been specified would improve the general security of the code. Dynamic enforcing of security-related PHP settings is mainly focused on resource allocation and e.g. file uploads. See: https://www.php.net/manual/en/function.ini-set.php
jrenslin added the kind/featurekind/securitypriority/medium labels 2020-11-11 11:28:42 +01:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
kind/breaking
Critical issue that breaks a page
 kind/bug
Something is not working
 kind/docs
This concerns the documentation
 kind/enhancement
Improvements on existing features
 kind/feature
New features
 kind/lint
Code linting error
 kind/proposal
Suggestion or proposal
 kind/question
A question
 kind/refactor
Refactoring code
 kind/security
Security issue
 kind/testing
Concerns the test setup
 kind/translation
Concerns multilinguality
 kind/ui
Concerns the user interface
 priority/critical
Critical issue, highest priority
 priority/high
High priority issue
 priority/low
Low priority issue
 priority/medium
Medium priority issue
 reviewed/duplicate
This is a duplicate
 reviewed/invalid
This is an invalid issue
 reviewed/wontfix
This is issue will not be fixed
 status/done
This issue has been fixed
 status/needs-feedback
This issue needs feedback
kind/breaking
Critical issue that breaks a page
 kind/bug
Something is not working
 kind/docs
This concerns the documentation
 kind/enhancement
Improvements on existing features
 kind/feature
New features
 kind/lint
Code linting error
 kind/proposal
Suggestion or proposal
 kind/question
A question
 kind/refactor
Refactoring code
 kind/security
Security issue
 kind/testing
Concerns the test setup
 kind/translation
Concerns multilinguality
 kind/ui
Concerns the user interface
 priority/critical
Critical issue, highest priority
 priority/high
High priority issue
 priority/low
Low priority issue
 priority/medium
Medium priority issue
 reviewed/duplicate
This is a duplicate
 reviewed/invalid
This is an invalid issue
 reviewed/wontfix
This is issue will not be fixed
 status/done
This issue has been fixed
 status/needs-feedback
This issue needs feedback
No Label kind/feature kind/security priority/medium
Milestone
No items
No Milestone
Assignees
Clear assignees
abecker adamm (Ádám Magyarosi) agoll akoch (Anne-Katrin Koch) aminnig anowicki (Anna-Lena Nowicki) arnel (Arne Lindemann) awinkler (Alexander Winkler) bbaumecker bednarikj (Bednárik János) cmagdo (Csaba) cotte cpitzen dyanc emalygina fvhagel hkuper (Heinz-Günter Kuper) hwarth-geraci jjuergens (Johanna Jürgens) jrenslin (Joshua Ramon Enslin) jvpilgrim (Jens von Pilgrim) korilo (Korinna Lorz) krifo (Krisztian Fonyodi) lluethi manders (Miriam Anders) mhartmann (Manfred Hartmann) mkarbe (Matthias Karbe) mkisser (Mirko Kisser) mportius (Martin Portius) neikermann nfuelbier nklingspor nyakubovich sfusetti shollmann slorbeer sopfermann stefan swassermann szunkel (Stefan Zunkel) ufladerer
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: museum-digital/MD_STD#3
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?