- Login or register to create an issue
- Advanced search
| Summary | Status | Priority | Category | Version | Component | Replies |
Last updated |
Assigned to | Created |
|---|---|---|---|---|---|---|---|---|---|
| Check for base_url in settings.php | active | normal | feature requests | 7.x-1.x-dev | Code | 1 day 21 hours | 1 day 21 hours | ||
| How/Cannot access | postponed (maintainer needs more info) | normal | bug reports | 7.x-1.0 | User interface | 2 | 2 weeks 4 days | 9 weeks 2 days | |
| /admin/reports/security-review/help/views/access 404 | needs review | normal | bug reports | 6.x-1.2 | Code | 8 | 4 weeks 3 hours | 28 weeks 5 days | |
| Error in module description | closed (fixed) | normal | bug reports | 7.x-1.0 | Documentation | 3 | 5 weeks 4 days | 7 weeks 6 days | |
| "Some files and directories in your install are writable by the server" (not sure where to go from here) | postponed (maintainer needs more info) | major | support requests | 7.x-1.0 | Miscellaneous | 3 | 7 weeks 6 days | 8 weeks 14 hours | |
| File system check fails on a subdirectory multisite configuration | active | normal | bug reports | 7.x-1.0 | Code | 9 weeks 4 days | 9 weeks 4 days | ||
| There are Views that do not provide any access checks. | active | normal | support requests | 6.x-1.2 | Miscellaneous | 2 | 10 weeks 5 days | 11 weeks 1 day | |
| Documentation on security_review_check_input_formats() is misleading | needs review | normal | bug reports | 7.x-1.x-dev | Documentation | 1 | 12 weeks 3 days | 12 weeks 3 days | |
| Check for temporary files like settings.php~ | active | normal | feature requests | 7.x-1.x-dev | Code | 3 | 15 weeks 3 days | ghazlewood | 15 weeks 4 days |
| Report won't run, reports NULL | active | normal | bug reports | 6.x-1.2 | Code | 1 | 16 weeks 5 hours | 21 weeks 23 hours | |
| AssignUserID / apache2-mpm-itk | active | normal | support requests | 7.x-1.x-dev | Documentation | 1 | 18 weeks 3 days | 18 weeks 4 days | |
| Fatal error when entity does not provide a label entity key | needs review | major | bug reports | 7.x-1.x-dev | Code | 2 | 19 weeks 4 days | 19 weeks 4 days | |
| Permission check fails to ignore a file directory that is only one level deep | closed (fixed) | normal | bug reports | 6.x-1.x-dev | Code | 4 | 23 weeks 19 hours | 1 year 15 weeks | |
| Please explain: untrusted users | closed (fixed) | normal | feature requests | 7.x-1.x-dev | User interface | 5 | 24 weeks 2 days | 1 year 46 weeks | |
| Drush file permissions check always works becaues PHP CLI user can write to files | closed (fixed) | normal | bug reports | 6.x-1.x-dev | Code | 4 | 24 weeks 2 days | 1 year 27 weeks | |
| make files security check more paranoid | closed (fixed) | normal | bug reports | 6.x-1.x-dev | Code | 6 | 24 weeks 2 days | 48 weeks 3 days | |
| Spelling Error | closed (fixed) | minor | tasks | 7.x-1.x-dev | User interface | 2 | 24 weeks 2 days | 40 weeks 2 hours | |
| Unable to access filefield or views reports | closed (fixed) | normal | bug reports | 6.x-1.2 | Code | 10 | 24 weeks 2 days | 1 year 24 weeks | |
| uploads report doesn't link to helpful places | closed (fixed) | normal | feature requests | 7.x-1.x-dev | Code | 3 | 24 weeks 2 days | 1 year 2 weeks | |
| Bring that views access check back | closed (fixed) | normal | feature requests | 7.x-1.x-dev | Code | 3 | 24 weeks 2 days | 1 year 2 weeks | |
| Check details page says "PHP found in" but no content is listed below it | active | normal | bug reports | 7.x-1.x-dev | Code | 7 | 26 weeks 1 day | 28 weeks 4 days | |
| identify private files as a non-dangerous writable dir | needs work | normal | bug reports | 7.x-1.x-dev | Code | 3 | 26 weeks 2 days | 48 weeks 3 days | |
| boost cache folder not security risk | needs review | normal | bug reports | 6.x-1.x-dev | Code | 5 | 26 weeks 2 days | 2 years 34 weeks | |
| Dangerous tags were found in comments. | closed (cannot reproduce) | normal | bug reports | 6.x-1.1 | Code | 1 | 26 weeks 2 days | 2 years 3 weeks | |
| Ajax error | postponed (maintainer needs more info) | normal | support requests | 7.x-1.0 | Code | 5 | 26 weeks 2 days | 1 year 1 week | |
| 'Dangerous tags in content' help should better report on untrusted roles | active | normal | feature requests | 7.x-1.0 | Code | 3 | 26 weeks 2 days | 46 weeks 3 days | |
| FastCGI App vs Apache Module - Drupal installation files and directories (except required) are not writable by the server. | closed (works as designed) | normal | support requests | 7.x-1.0 | Miscellaneous | 1 | 26 weeks 2 days | 30 weeks 4 days | |
| PHP Notice on security_review.help.inc | needs review | normal | bug reports | 7.x-1.x-dev | Code | 1 | 26 weeks 2 days | 28 weeks 4 days | |
| Drush powered security review of file permissions | active | normal | feature requests | 6.x-1.x-dev | Code | 18 | 30 weeks 1 day | 3 years 16 weeks | |
| Accept other filter modules as alternative to HTML Filter | needs work | normal | feature requests | 7.x-1.0 | Code | 5 | 30 weeks 3 days | 1 year 13 weeks | |
| check for presence and correctness of the files/.htaccess file | active | normal | feature requests | 7.x-1.x-dev | Code | 1 | 35 weeks 2 days | 1 year 12 weeks | |
| Doesn't having /sites unwritable create a less secure setup? | closed (fixed) | normal | support requests | 7.x-1.x-dev | Code | 4 | 36 weeks 3 days | 1 year 33 weeks | |
| check for nagios_enable_status_page and presence of a long nagios_ua | active | normal | feature requests | 7.x-1.x-dev | Code | 51 weeks 2 days | 51 weeks 2 days | ||
| Try to have file system permissions report respect the realities of running Drupal in different types of hosting environments | closed (works as designed) | normal | feature requests | 7.x-1.x-dev | Code | 4 | 1 year 1 week | 1 year 17 weeks | |
| Automate validation of security review so that manual intervention isn't required. | postponed (maintainer needs more info) | normal | feature requests | 7.x-1.x-dev | Code | 13 | 1 year 2 weeks | 1 year 15 weeks | |
| Cant pass the file directory permission test | postponed (maintainer needs more info) | normal | support requests | 7.x-1.0 | Miscellaneous | 1 | 1 year 2 weeks | 1 year 15 weeks | |
| query injection in drupal | closed (won't fix) | major | support requests | 7.x-1.0 | Documentation | 1 | 1 year 4 weeks | see15_aug | 1 year 4 weeks |
| Impossible to pass the test for file system permissions | active | normal | support requests | 6.x-1.2 | Code | 13 | 1 year 16 weeks | 1 year 17 weeks | |
| show date of last run | active | normal | feature requests | 7.x-1.0 | Code | 1 year 21 weeks | 1 year 21 weeks | ||
| Document API | closed (fixed) | normal | feature requests | 7.x-1.x-dev | Documentation | 3 | 1 year 23 weeks | 1 year 43 weeks | |
| Attempt to create a file and modify a file to confirm file permissions | closed (fixed) | normal | feature requests | 6.x-1.x-dev | Code | 12 | 1 year 23 weeks | 2 years 2 weeks | |
| flv file type is actually OK to allow users to upload | closed (fixed) | normal | tasks | 7.x-1.x-dev | Code | 2 | 1 year 23 weeks | 1 year 25 weeks | |
| Turn into focused check system file, UI and DB part of module | closed (fixed) | normal | tasks | 7.x-1.x-dev | Code | 4 | 1 year 23 weeks | 1 year 27 weeks | |
| Check for untrusted roles with "Warning: Give to trusted roles only; this permission has security implications" permissions | closed (fixed) | normal | feature requests | 7.x-1.x-dev | Code | 3 | 1 year 24 weeks | 1 year 27 weeks | |
| File permissions check follows subdir site infinite recursion | closed (fixed) | normal | bug reports | 6.x-1.1 | Code | 2 | 1 year 25 weeks | 1 year 30 weeks | |
| New security check: PHP filter available to untrusted roles | closed (fixed) | normal | feature requests | 7.x-1.x-dev | Code | 4 | 1 year 25 weeks | 1 year 43 weeks | |
| Input formats checks only global user's formats, should check all | closed (fixed) | normal | bug reports | 7.x-1.x-dev | Code | 2 | 1 year 25 weeks | coltrane | 1 year 27 weeks |
| file extension check links to 404 on content types with underscores in name | closed (fixed) | normal | bug reports | 6.x-1.x-dev | Code | 4 | 1 year 31 weeks | 1 year 35 weeks | |
| make security_review_admin_permissions hookable | active | normal | feature requests | 6.x-1.x-dev | Code | 1 year 33 weeks | 1 year 33 weeks | ||
| Identify nodes owned by uid 0 | active | normal | feature requests | 7.x-1.x-dev | Code | 1 year 34 weeks | 1 year 34 weeks |
Subscribe with RSS 