Skip to content
Permalink
Browse files

MDL-48559 reports: security report checks for web cron

  • Loading branch information...
ankitagarwal committed Dec 19, 2014
1 parent 5254140 commit 9e0188656237feb11fd929076859673da4b014fb
Showing with 39 additions and 0 deletions.
  1. +4 −0 report/security/lang/en/report_security.php
  2. +35 −0 report/security/locallib.php
@@ -116,6 +116,10 @@
$string['check_unsecuredataroot_name'] = 'Insecure dataroot';
$string['check_unsecuredataroot_ok'] = 'Dataroot directory must not be accessible via the web.';
$string['check_unsecuredataroot_warning'] = 'Your dataroot directory <code>{$a}</code> is in the wrong location and might be exposed to the web.';
$string['check_webcron_details'] = '<p>Web cron can expose priviedged information to anonymous users. It is recommended to use CLI cron or protect the cron page with a passphrase.</p>';
$string['check_webcron_warning'] = 'Anonymous users can access cron.';
$string['check_webcron_name'] = 'Web cron';
$string['check_webcron_ok'] = 'Anonymous users can not access cron.';
$string['issue'] = 'Issue';
$string['pluginname'] = 'Security overview';
$string['security:view'] = 'View security report';
@@ -56,6 +56,7 @@ function report_security_get_issue_list() {
'report_security_check_defaultuserrole',
'report_security_check_guestrole',
'report_security_check_frontpagerole',
'report_security_check_webcron',
);
}
@@ -830,3 +831,37 @@ function report_security_check_riskbackup($detailed=false) {
return $result;
}
/**
* Verifies the status of web cron
*
* @param bool $detailed
* @return object result
*/
function report_security_check_webcron($detailed = false) {
global $CFG;
$croncli = $CFG->cronclionly;
$cronremotepassword = $CFG->cronremotepassword;
$result = new stdClass();
$result->issue = 'report_security_check_webcron';
$result->name = get_string('check_webcron_name', 'report_security');
$result->details = null;
$result->link = "<a href=\"$CFG->wwwroot/$CFG->admin/settings.php?section=sitepolicies\">"
.get_string('sitepolicies', 'admin').'</a>';
if (empty($croncli) && empty($cronremotepassword)) {
$result->status = REPORT_SECURITY_WARNING;
$result->info = get_string('check_webcron_warning', 'report_security');
} else {
$result->status = REPORT_SECURITY_OK;
$result->info = get_string('check_webcron_ok', 'report_security');
}
if ($detailed) {
$result->details = get_string('check_webcron_details', 'report_security');
}
return $result;
}

0 comments on commit 9e01886

Please sign in to comment.
You can’t perform that action at this time.