6 """ |
6 """ |
7 Module implementing the default values for some check modules. |
7 Module implementing the default values for some check modules. |
8 """ |
8 """ |
9 |
9 |
10 SecurityDefaults = { |
10 SecurityDefaults = { |
|
11 # generalHardcodedTmp.py |
11 "hardcoded_tmp_directories": ["/tmp", "/var/tmp", "/dev/shm", "~/tmp"], |
12 "hardcoded_tmp_directories": ["/tmp", "/var/tmp", "/dev/shm", "~/tmp"], |
|
13 |
|
14 # insecureHashlibNew.py |
12 "insecure_hashes": ['md4', 'md5', 'sha', 'sha1'], |
15 "insecure_hashes": ['md4', 'md5', 'sha', 'sha1'], |
|
16 |
|
17 # injectionShell.py |
|
18 # injectionWildcard.py |
13 "shell_injection_subprocess": [ |
19 "shell_injection_subprocess": [ |
14 'subprocess.Popen', |
20 'subprocess.Popen', |
15 'subprocess.call', |
21 'subprocess.call', |
16 'subprocess.check_call', |
22 'subprocess.check_call', |
17 'subprocess.check_output', |
23 'subprocess.check_output', |
18 'subprocess.run'], |
24 'subprocess.run'], |
|
25 |
|
26 # injectionShell.py |
|
27 # injectionWildcard.py |
19 "shell_injection_shell": [ |
28 "shell_injection_shell": [ |
20 'os.system', |
29 'os.system', |
21 'os.popen', |
30 'os.popen', |
22 'os.popen2', |
31 'os.popen2', |
23 'os.popen3', |
32 'os.popen3', |