--- a/eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/SecurityDefaults.py Tue Jun 09 20:10:59 2020 +0200
+++ b/eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/SecurityDefaults.py Wed Jun 10 17:52:53 2020 +0200
@@ -8,14 +8,23 @@
 """
 
 SecurityDefaults = {
+ # generalHardcodedTmp.py
 "hardcoded_tmp_directories": ["/tmp", "/var/tmp", "/dev/shm", "~/tmp"],
+
+ # insecureHashlibNew.py
 "insecure_hashes": ['md4', 'md5', 'sha', 'sha1'],
+
+ # injectionShell.py
+ # injectionWildcard.py
 "shell_injection_subprocess": [
 'subprocess.Popen',
 'subprocess.call',
 'subprocess.check_call',
 'subprocess.check_output',
 'subprocess.run'],
+
+ # injectionShell.py
+ # injectionWildcard.py
 "shell_injection_shell": [
 'os.system',
 'os.popen',
@@ -29,6 +38,8 @@
 'popen2.Popen4',
 'commands.getoutput',
 'commands.getstatusoutput'],
+
+ # injectionShell.py
 "shell_injection_noshell": [
 'os.execl',
 'os.execle',
@@ -47,4 +58,17 @@
 'os.spawnvp',
 'os.spawnvpe',
 'os.startfile'],
+
+ # insecureSslTls.py
+ "insecure_ssl_protocol_versions": [
+ 'PROTOCOL_SSLv2',
+ 'SSLv2_METHOD',
+ 'SSLv23_METHOD',
+ 'PROTOCOL_SSLv3',
+ 'PROTOCOL_TLSv1',
+ 'SSLv3_METHOD',
+ 'TLSv1_METHOD'],
+
+ # tryExcept.py
+ "check_typed_exception": False,
 }
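Review bot: The new `insecure_ssl_protocol_versions` list in the last hunk stops at TLS 1.0, so code that pins `PROTOCOL_TLSv1_1` or `TLSv1_1_METHOD` would presumably pass the check even though TLS 1.1 is deprecated together with 1.0. Consider adding `'PROTOCOL_TLSv1_1',` and `'TLSv1_1_METHOD',` to the list. The list also flags `SSLv23_METHOD` but not its `ssl` counterpart `PROTOCOL_SSLv23`; both select version negotiation rather than a fixed old protocol, so it looks like either both or neither belong here, depending on how insecureSslTls.py matches these names (not visible in this diff). `"check_typed_exception": False` would also benefit from a one-line comment stating what enabling it changes, since `# tryExcept.py` names only the consumer.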