PHPSecInfo v0.2 now available
The newest version of PHPSecInfo, version 0.2, is now available. Here are the major changes:
- Added link to “more info” in output. These lead to pages on the phpsec.org site giving more details on the test and what to do if you have a problem
- Modified CSS to improve readability and avoid license issue with PHP (the old CSS was derived from the output of
phpinfo()) - New test:
PhpSecInfo_Test_Session_Save_Path - Added display of “current” and “recommended” settings in test result output
- Various minor changes and bug fixes; see the CHANGELOG for details
-Download now
-Join the mailing list
[tags]php, phpsecinfo, infosec, audit, tool, security[/tags]
Just a notice your suite does not work out of the box on my build. I get require_once() errors which means the relative paths are wrong.
PHP 5.2.1, Lighttpd 1.4.13. I figure these should not make a difference so the soltuion might be to sniff the real path and use that in the requires.
That’s the first time I’ve heard of such a problem. I’d have to investigate further… but I’d bet that something is goofy with your include path — maybe it’s missing “./”