Mercurial Repositories > eric / annotate

eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/SecurityDefaults.py@01d646569115 (annotated)

eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/SecurityDefaults.py

Wed, 10 Jun 2020 19:57:25 +0200

author
Detlev Offenbach <detlev@die-offenbachs.de>
date
Wed, 10 Jun 2020 19:57:25 +0200
changeset 7616
01d646569115
parent 7615
ca2949b1a29a
child 7628
f904d0eef264
permissions
-rw-r--r--

Code Style Checker: continued to implement checker for security related issues.

7614
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
1 # -*- coding: utf-8 -*-
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
2
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
3 # Copyright (c) 2020 Detlev Offenbach <detlev@die-offenbachs.de>
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
4 #
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
5
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
6 """
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
7 Module implementing the default values for some check modules.
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
8 """
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
9
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
10 SecurityDefaults = {
7615
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7614
diff changeset
11 # generalHardcodedTmp.py
7614
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
12 "hardcoded_tmp_directories": ["/tmp", "/var/tmp", "/dev/shm", "~/tmp"],
7615
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7614
diff changeset
13
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7614
diff changeset
14 # insecureHashlibNew.py
7614
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
15 "insecure_hashes": ['md4', 'md5', 'sha', 'sha1'],
7615
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7614
diff changeset
16
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7614
diff changeset
17 # injectionShell.py
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7614
diff changeset
18 # injectionWildcard.py
7614
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
19 "shell_injection_subprocess": [
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
20 'subprocess.Popen',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
21 'subprocess.call',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
22 'subprocess.check_call',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
23 'subprocess.check_output',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
24 'subprocess.run'],
7615
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7614
diff changeset
25
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7614
diff changeset
26 # injectionShell.py
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7614
diff changeset
27 # injectionWildcard.py
7614
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
28 "shell_injection_shell": [
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
29 'os.system',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
30 'os.popen',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
31 'os.popen2',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
32 'os.popen3',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
33 'os.popen4',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
34 'popen2.popen2',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
35 'popen2.popen3',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
36 'popen2.popen4',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
37 'popen2.Popen3',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
38 'popen2.Popen4',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
39 'commands.getoutput',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
40 'commands.getstatusoutput'],
7615
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7614
diff changeset
41
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7614
diff changeset
42 # injectionShell.py
7614
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
43 "shell_injection_noshell": [
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
44 'os.execl',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
45 'os.execle',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
46 'os.execlp',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
47 'os.execlpe',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
48 'os.execv',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
49 'os.execve',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
50 'os.execvp',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
51 'os.execvpe',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
52 'os.spawnl',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
53 'os.spawnle',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
54 'os.spawnlp',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
55 'os.spawnlpe',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
56 'os.spawnv',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
57 'os.spawnve',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
58 'os.spawnvp',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
59 'os.spawnvpe',
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
60 'os.startfile'],
7615
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7614
diff changeset
61
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7614
diff changeset
62 # insecureSslTls.py
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7614
diff changeset
63 "insecure_ssl_protocol_versions": [
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7614
diff changeset
64 'PROTOCOL_SSLv2',
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7614
diff changeset
65 'SSLv2_METHOD',
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7614
diff changeset
66 'SSLv23_METHOD',
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7614
diff changeset
67 'PROTOCOL_SSLv3',
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7614
diff changeset
68 'PROTOCOL_TLSv1',
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7614
diff changeset
69 'SSLv3_METHOD',
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7614
diff changeset
70 'TLSv1_METHOD'],
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7614
diff changeset
71
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7614
diff changeset
72 # tryExcept.py
7616
01d646569115 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7615
diff changeset
73 "check_typed_exception": False,
01d646569115 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7615
diff changeset
74
01d646569115 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7615
diff changeset
75 # weakCryptographicKey.py
01d646569115 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7615
diff changeset
76 "weak_key_size_dsa_high": 1024,
01d646569115 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7615
diff changeset
77 "weak_key_size_dsa_medium": 2048,
01d646569115 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7615
diff changeset
78 "weak_key_size_rsa_high": 1024,
01d646569115 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7615
diff changeset
79 "weak_key_size_rsa_medium": 2048,
01d646569115 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7615
diff changeset
80 "weak_key_size_ec_high": 160,
01d646569115 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7615
diff changeset
81 "weak_key_size_ec_medium": 224,
01d646569115 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7615
diff changeset
82
7614
646742c260bd Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
83 }

Mercurial Repository: eric

eric ide

mercurial