You are here

public function FilePermissions::help in Security Review 8

Returns the check-specific help page.

Return value

array The render array of the check's help page.

Overrides Check::help

File

src/Checks/FilePermissions.php, line 101

Class

FilePermissions
Check that files aren't writeable by the server.

Namespace

Drupal\security_review\Checks

Code

public function help() {
  $paragraphs = [];
  $paragraphs[] = $this
    ->t('It is dangerous to allow the web server to write to files inside the document root of your server. Doing so could allow Drupal to write files that could then be executed. An attacker might use such a vulnerability to take control of your site. An exception is the Drupal files, private files, and temporary directories which Drupal needs permission to write to in order to provide features like file attachments.');
  $paragraphs[] = $this
    ->t('In addition to inspecting existing directories, this test attempts to create and write to your file system. Look in your security_review module directory on the server for files named file_write_test.YYYYMMDDHHMMSS and for a file called IGNOREME.txt which gets a timestamp appended to it if it is writeable.');
  $paragraphs[] = new Link($this
    ->t('Read more about file system permissions in the handbooks.'), Url::fromUri('http://drupal.org/node/244924'));
  return [
    '#theme' => 'check_help',
    '#title' => $this
      ->t('Web server file system permissions'),
    '#paragraphs' => $paragraphs,
  ];
}