| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2020-06-07 | Lockdown of the logging directives | jvoisin | |
| This is done to prevent an attacker who obtained arbitrary code execution to mess with the logging configuration. | |||
| 2020-04-25 | Fix and improve the previous commit | jvoisin | |
| 2020-04-25 | Add yet an other stupid things to the default set of rules | jvoisin | |
| 2020-04-24 | Add yet another disabled_functions bypass | jvoisin | |
| 2019-10-16 | Fix the default configuration | jvoisin | |
| ini_[sg]et first parameter is actually varname, and not var_name. Thanks to @gergo314 for flagging this! | |||
| 2019-04-07 | Protect against a now-public open_basedir bypass | jvoisin | |
| 2019-01-16 | Improve a bit the default rules | jvoisin | |
| 2018-12-25 | Tighten a bit the command-injection prevention rule | jvoisin | |
| 2018-08-29 | Change how we're validating certificates | xXx-caillou-xXx | |
| 2018-08-29 | Verify certs (#223) | jvoisin | |
| Ensure that certificates are verified in curl should close #47 | |||
| 2018-07-23 | Improve a bit the default rules | jvoisin | |
| - Use plain values instead of regexp where possible - Reduce the number of false positives (*cough* `curl_exec` *cough*) | |||
| 2018-07-23 | Whitelist the inclusion of `.phtml` files | jvoisin | |
| This is the extension used by PhpMyAdmin | |||
| 2018-07-23 | Allow the inclusion of `.inc` files | jvoisin | |
| 2018-07-23 | Use SameSite on PHP's session cookie in the default rules | jvoisin | |
| 2018-07-23 | Activate more features in the default rules | jvoisin | |
| 2018-07-13 | Massively optimize how rules are handled | xXx-caillou-xXx | |
| This commit does a lot of things: - Use hashtables instead of lists to store the rules - Rules that can be applied at launch time won't be tried at runtime - Improve feedback when writing nonsensical rules - Make intensive use of `zend_string` instead of `char*` | |||
| 2018-03-09 | Improve the performances of our default rules | jvoisin | |
| 2018-03-05 | Improve a bit the performances (+10%) | jvoisin | |
| 2018-02-26 | Improve the previous commit | jvoisin | |
| 2018-02-26 | Add a rule to prevent various sandbox escapes | jvoisin | |
| This used to be private, but since it apparently isn't anymore, we should forbid it ;) | |||
| 2018-02-22 | Refactor a bit our rules | jvoisin | |
| 2018-01-17 | Our configuration files are ending in .rules, not .ini | jvoisin | |
| This commit fixes the documentation, our shipped configuration files, and the related tests. Thanks to @remicollet for the tip | |||
 |
index : snuffleupagus | |
| Security module for php7 and php8 - Killing bugclasses and virtual-patching the rest! |
| summaryrefslogtreecommitdiff |