Get started with PHP-Fusion

Start a New Thread

Users Participated

  • Chan
    Post made: 2
  • JoiNNN
    Post made: 2

  1. PHP-Fusion Support Forums
  2. Development & Design
  3. Roadmap

Check files integrity

[Development Team Access] All Roadmap items end up here for discussions.

3 Replies 2,639 Views Last Updated on 3 years ago

JoiNNN


Moderator

#1

Posted 3 years ago

Add a feature to check if PHP-Fusion files are missing, changed or corrupt.
As an example we should:
- generate a md5 of each file's content
- store the path
- store the hash
- verify the paths and hashes against data coming from the PHP-Fusion MAIN site . This is very important since comparing the data against data stored on the same site can be altered and modified-to-match if one gets it's site hacked.

Useful links:
- http://www.php.net/manual/en/ref.fam.phpef.fam.php
- http://www.sitepoint.com/monitoring-file-integr...integrity/

Go to roadmap item #1501

Posts: 862

Joined: 05/02/2011

Chan


Super Admin

#2

Posted 3 years ago

How about rewrite a Txt file with the CRC info of the zip archive file during installation to a txt file. Chmod 600 or 444 it. Include with config file.

Do a admin page check files against the txt file info... Where If crc value check fails, report in red label, etc.. It can be in the php info page feature.

Posts: 3286

Joined: 25/09/2007

JoiNNN


Moderator

#3

Posted 3 years ago

CRC is just as good, thing is if you can set chmod 444 to prevent modification then a hacker can also run chmod on that file and change the content to match modified files right? You wanna eliminate check request from MAIN? The way is see it is the safest, as long as the MAIN doesn't get hacked OFC Pfft
And yes, is meant to be displayed somewhere in the Admin Panel.

Posts: 862

Joined: 05/02/2011

Chan


Super Admin

#4

Posted 3 years ago

It is, the logic was nothing is safe on the net.. an old saying that there is always a mountain higher than the highest mountain. To provide this feature, we are already good enough.

Posts: 3286

Joined: 25/09/2007

Jump to Forum:
9 users are online
0 member and 9 guests