diff options
author | Phil Davis <phil.davis@inf.org> | 2017-01-02 17:45:37 +0545 |
---|---|---|
committer | Phil Davis <phil.davis@inf.org> | 2017-01-02 17:45:37 +0545 |
commit | 57188e4752b9606c54cd49f4d8f96ec0fc38f8f3 (patch) | |
tree | c035bdc261d27847a7dd4667f7a3d83ff8a2fe18 /tools | |
parent | 8db81fbcaa33012cb4fa573312a8f72ed3660dd1 (diff) | |
download | pfsense-57188e4752b9606c54cd49f4d8f96ec0fc38f8f3.zip pfsense-57188e4752b9606c54cd49f4d8f96ec0fc38f8f3.tar.gz |
Add security notes for privilege assignment pages
Suggested solution for Redmine 2247
Diffstat (limited to 'tools')
-rwxr-xr-x | tools/scripts/generate-privdefs.php | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/tools/scripts/generate-privdefs.php b/tools/scripts/generate-privdefs.php index c8e2421..da76692 100755 --- a/tools/scripts/generate-privdefs.php +++ b/tools/scripts/generate-privdefs.php @@ -96,6 +96,7 @@ $pdata .= "\n"; $pdata .= "\$priv_list['page-all'] = array();\n"; $pdata .= "\$priv_list['page-all']['name'] = gettext(\"WebCfg - All pages\");\n"; $pdata .= "\$priv_list['page-all']['descr'] = gettext(\"Allow access to all pages\");\n"; +$pdata .= "\$priv_list['page-all']['warn'] = \"standard-warning-root\";\n"; $pdata .= "\$priv_list['page-all']['match'] = array();\n"; $pdata .= "\$priv_list['page-all']['match'][] = \"*\";\n"; $pdata .= "\n"; @@ -107,6 +108,7 @@ foreach ($data as $fname => $tags) { $ident = ""; $name = ""; $descr = ""; + $warn = ""; $match = array(); foreach ($vals as $vname => $vlist) { @@ -121,6 +123,9 @@ foreach ($data as $fname => $tags) { case "DESCR": $descr = $vlist[0]; break; + case "WARN": + $warn = $vlist[0]; + break; case "MATCH": $match = $vlist; break; @@ -140,6 +145,11 @@ foreach ($data as $fname => $tags) { $pdata .= "\$priv_list['{$ident}'] = array();\n"; $pdata .= "\$priv_list['{$ident}']['name'] = gettext(\"WebCfg - {$name}\");\n"; $pdata .= "\$priv_list['{$ident}']['descr'] = gettext(\"{$descr}\");\n"; + + if (strlen($warn) > 0) { + $pdata .= "\$priv_list['{$ident}']['warn'] = \"{$warn}\";\n"; + } + $pdata .= "\$priv_list['{$ident}']['match'] = array();\n"; foreach ($match as $url) |