Fossil SCM
Improved wording on some of the security-audit warnings.
Commit
752365e71f515638f3f9509941683734a84c489f141bd24841248061ab01eb5c
Parent
4253b1de6b36188…
1 file changed
+5
-5
+5
-5
| --- src/security_audit.c | ||
| +++ src/security_audit.c | ||
| @@ -195,23 +195,23 @@ | ||
| 195 | 195 | z = db_text(0, "SELECT group_concat(login,' AND ') FROM user" |
| 196 | 196 | " WHERE cap GLOB '*y*'" |
| 197 | 197 | " AND login in ('anonymous','nobody','reader','developer')"); |
| 198 | 198 | if( z && z[0] ){ |
| 199 | 199 | @ <li><p> |
| 200 | - @ The "Write-Unver" privilege is granted to an entire of users | |
| 200 | + @ The "Write-Unver" privilege is granted to an entire class of users | |
| 201 | 201 | @ (%h(z)). Ideally, the Write-Unver privilege should only be |
| 202 | - @ granted to specific individuals, each of whom are highly trusted. | |
| 202 | + @ granted to specific individuals. | |
| 203 | 203 | } |
| 204 | 204 | |
| 205 | 205 | /* Check to see if push-unversioned is granted to many people. |
| 206 | 206 | */ |
| 207 | 207 | n = db_int(0,"SELECT count(*) FROM user WHERE cap GLOB '*y*'"); |
| 208 | 208 | if( n>3 ){ |
| 209 | 209 | @ <li><p> |
| 210 | - @ The "Write-Unver" privilege is granted to a large number of | |
| 211 | - @ users (%d(n)). Ideally, the Write-Unver privilege should only | |
| 212 | - @ be granted to one or two specific individuals. | |
| 210 | + @ The "Write-Unver" privilege is granted to %d(n) users. | |
| 211 | + @ Ideally, the Write-Unver privilege should only | |
| 212 | + @ be granted to one or two users. | |
| 213 | 213 | } |
| 214 | 214 | |
| 215 | 215 | /* Notify if REMOTE_USER or HTTP_AUTHENTICATION is used for login. |
| 216 | 216 | */ |
| 217 | 217 | if( db_get_boolean("remote_user_ok", 0) ){ |
| 218 | 218 |
| --- src/security_audit.c | |
| +++ src/security_audit.c | |
| @@ -195,23 +195,23 @@ | |
| 195 | z = db_text(0, "SELECT group_concat(login,' AND ') FROM user" |
| 196 | " WHERE cap GLOB '*y*'" |
| 197 | " AND login in ('anonymous','nobody','reader','developer')"); |
| 198 | if( z && z[0] ){ |
| 199 | @ <li><p> |
| 200 | @ The "Write-Unver" privilege is granted to an entire of users |
| 201 | @ (%h(z)). Ideally, the Write-Unver privilege should only be |
| 202 | @ granted to specific individuals, each of whom are highly trusted. |
| 203 | } |
| 204 | |
| 205 | /* Check to see if push-unversioned is granted to many people. |
| 206 | */ |
| 207 | n = db_int(0,"SELECT count(*) FROM user WHERE cap GLOB '*y*'"); |
| 208 | if( n>3 ){ |
| 209 | @ <li><p> |
| 210 | @ The "Write-Unver" privilege is granted to a large number of |
| 211 | @ users (%d(n)). Ideally, the Write-Unver privilege should only |
| 212 | @ be granted to one or two specific individuals. |
| 213 | } |
| 214 | |
| 215 | /* Notify if REMOTE_USER or HTTP_AUTHENTICATION is used for login. |
| 216 | */ |
| 217 | if( db_get_boolean("remote_user_ok", 0) ){ |
| 218 |
| --- src/security_audit.c | |
| +++ src/security_audit.c | |
| @@ -195,23 +195,23 @@ | |
| 195 | z = db_text(0, "SELECT group_concat(login,' AND ') FROM user" |
| 196 | " WHERE cap GLOB '*y*'" |
| 197 | " AND login in ('anonymous','nobody','reader','developer')"); |
| 198 | if( z && z[0] ){ |
| 199 | @ <li><p> |
| 200 | @ The "Write-Unver" privilege is granted to an entire class of users |
| 201 | @ (%h(z)). Ideally, the Write-Unver privilege should only be |
| 202 | @ granted to specific individuals. |
| 203 | } |
| 204 | |
| 205 | /* Check to see if push-unversioned is granted to many people. |
| 206 | */ |
| 207 | n = db_int(0,"SELECT count(*) FROM user WHERE cap GLOB '*y*'"); |
| 208 | if( n>3 ){ |
| 209 | @ <li><p> |
| 210 | @ The "Write-Unver" privilege is granted to %d(n) users. |
| 211 | @ Ideally, the Write-Unver privilege should only |
| 212 | @ be granted to one or two users. |
| 213 | } |
| 214 | |
| 215 | /* Notify if REMOTE_USER or HTTP_AUTHENTICATION is used for login. |
| 216 | */ |
| 217 | if( db_get_boolean("remote_user_ok", 0) ){ |
| 218 |