diff --git a/class/crontab_ssl.py b/class/crontab_ssl.py index 6b3807e4..5b761aee 100644 --- a/class/crontab_ssl.py +++ b/class/crontab_ssl.py @@ -24,15 +24,10 @@ class dict_obj: def __contains__(self, key): return getattr(self, key, None) - def __setitem__(self, key, value): setattr(self, key, value) - def __getitem__(self, key): return getattr(self, key, None) - def __delitem__(self, key): delattr(self, key) - def __delattr__(self, key): delattr(self, key) - def get_items(self): return self diff --git a/class/jobs.py b/class/jobs.py index 10e40b74..5e761999 100644 --- a/class/jobs.py +++ b/class/jobs.py @@ -61,7 +61,7 @@ def control_init(): public.ExecShell("chmod -R 600 /www/server/cron/*.log") public.ExecShell("chown -R root:root /www/server/panel/data") public.ExecShell("chown -R root:root /www/server/panel/config") - disable_putenv('putenv') + #disable_putenv('putenv') clean_session() set_crond() diff --git a/class/monitor.py b/class/monitor.py index 7da5152d..f8cd5681 100644 --- a/class/monitor.py +++ b/class/monitor.py @@ -132,8 +132,35 @@ def _php_count(self, args): return result - # 获取攻击数 - def _get_attack_nums(self, args): + # 获取当天cc攻击数 + def _get_cc_attack_num(self, args): + zero_point = int(time.time()) - int(time.time() - time.timezone) % 86400 + log_path = '/www/server/btwaf/drop_ip.log' + if not os.path.exists(log_path): return 0 + + num = 100 + log_body = public.GetNumLines(log_path, num).split('\n') + while True: + if len(log_body) < num: + break + if json.loads(log_body[0])[0] < zero_point: + break + else: + num += 100 + log_body = public.GetNumLines(log_path, num).split('\n') + + num = 0 + for line in log_body: + try: + item = json.loads(line) + if item[0] > zero_point and item[-1] == 'cc': + num += 1 + except: continue + + return num + + # 获取当天攻击总数 + def _get_attack_num(self, args): today = time.strftime('%Y-%m-%d', time.localtime()) sites = self._get_site_list() @@ -144,7 +171,8 @@ def _get_attack_nums(self, args): return count def get_exception(self, args): - data = {'mysql_slow': self._get_slow_log_nums(args), 'php_slow': self._php_count(args), 'attack_num': self._get_attack_nums(args)} + data = {'mysql_slow': self._get_slow_log_nums(args), 'php_slow': self._php_count(args), + 'attack_num': self._get_attack_num(args), 'cc_attack_num': self._get_cc_attack_num(args)} statuscode_distribute = self._statuscode_distribute(args) data.update(statuscode_distribute) return data diff --git a/class/panelSite.py b/class/panelSite.py index 01761e1b..c98e203d 100644 --- a/class/panelSite.py +++ b/class/panelSite.py @@ -3349,6 +3349,7 @@ def GetSecurity(self,get): #设置防盗链 def SetSecurity(self,get): if len(get.fix) < 2: return public.returnMsg(False,'URL后缀不能为空!'); + if len(get.domains) < 3: return public.returnMsg(False,'防盗链域名不能为空!'); file = '/www/server/panel/vhost/nginx/' + get.name + '.conf'; if os.path.exists(file): conf = public.readFile(file); diff --git a/class/san_baseline.py b/class/san_baseline.py index c667901e..4a0469c7 100644 --- a/class/san_baseline.py +++ b/class/san_baseline.py @@ -11,7 +11,7 @@ sys.setdefaultencoding('utf-8') os.chdir('/www/server/panel') sys.path.append("class/") -import time, hashlib, sys, os, json, requests, re, public, random, string, requests +import time, hashlib, sys, os, json, requests, re, public, random, string class san_baseline: @@ -52,6 +52,7 @@ def ssh_security(self): return result ######面板安全监测########################## + # 监测是否开启IP限制登陆 def get_limitip(self): if os.path.exists('/www/server/panel/data/limitip.conf'): @@ -118,8 +119,9 @@ def panel_security(self): if not self.get_limitip(): ret1 = { 'id': 7, - "harm": "中", - "level": "2", + "repaired": "0", + "harm": "警告", + "level": "1", "type": "file", "name": "宝塔面板登陆未开启(授权IP)限制登陆", "Suggestions": "加固建议 :如果你的IP存在固定IP建议添加到面板的授权IP", @@ -131,6 +133,7 @@ def panel_security(self): if not get_port_default: ret1 = { 'id': 8, + "repaired": "0", "harm": "中", "level": "2", "type": "file", @@ -143,6 +146,7 @@ def panel_security(self): if not get_admin_path: ret1 = { 'id': 9, + "repaired": "0", "harm": "高", "level": "3", "type": "file", @@ -155,6 +159,7 @@ def panel_security(self): if not get_api_open: ret1 = { 'id': 10, + "repaired": "0", "harm": "中", "level": "2", "type": "file", @@ -168,6 +173,7 @@ def panel_security(self): ret1 = { 'id': 11, "harm": "高", + "repaired": "0", "level": "3", "type": "file", "name": "面板用户名过于简单", @@ -181,6 +187,7 @@ def panel_security(self): ret1 = { 'id': 12, "harm": "高", + "repaired": "0", "level": "3", "type": "file", "name": "存在国家不允许的翻墙插件", @@ -280,6 +287,7 @@ def panel_security(self): ret1 = { 'id': i['id'], "harm": "高", + "repaired": "1", "level": "3", "type": "file", "name": "面板关键性文件权限错误%s" % i['file'], @@ -325,6 +333,7 @@ def php_version_info(self): "type": "file", "harm": "中", "level": "2", + "repaired": "1", "name": "PHP 版本泄露", "file": php_path + i + '/etc/php.ini', "Suggestions": "加固建议, 在%s expose_php的值修改为Off中修改" % (php_path + i + '/etc/php.ini'), @@ -351,6 +360,7 @@ def php_error_funcation(self): "type": "diff", "harm": "严重", "level": "5", + "repaired": "1", "name": "PHP%s 中存在危险函数未禁用" % i, "file": php_path + i + '/etc/php.ini', "Suggestions": "加固建议, 在%s 中 disable_functions= 修改成如下:" % (php_path + i + '/etc/php.ini'), @@ -370,6 +380,7 @@ def php_dir(self): "type": "dir", "harm": "高", "level": "3", + "repaired": "0", "name": "PHP 5.2 版本过旧", "file": '/www/server/php/52', "Suggestions": "加固建议:不再使用php5.2 ", @@ -396,6 +407,7 @@ def php_security(self): "type": "file", "harm": "中", "level": "2", + "repaired": "1", "name": "PHP%s 版本泄露" % i, "file": php_path + i + '/etc/php.ini', "Suggestions": "加固建议, 在%s expose_php的值修改为Off中修改" % (php_path + i + '/etc/php.ini'), @@ -415,6 +427,7 @@ def php_security(self): "type": "diff", "harm": "严重", "level": "5", + "repaired": "1", "name": "PHP%s 中存在危险函数未禁用" % i, "file": php_path + i + '/etc/php.ini', "Suggestions": "加固建议, 在%s 中 disable_functions= 修改成如下:" % (php_path + i + '/etc/php.ini'), @@ -431,6 +444,7 @@ def php_security(self): "type": "dir", "harm": "高", "level": "3", + "repaired": "0", "name": "PHP 5.2 版本过旧", "file": '/www/server/php/52', "Suggestions": "加固建议:不再使用php5.2 ", @@ -450,6 +464,7 @@ def redis_security(self): "type": "file", "harm": "高", "level": "3", + "repaired": "0", "name": "Redis 监听的地址为0.0.0.0", "file": '/www/server/redis/redis.conf', "Suggestions": "加固建议, 在%s 中的监听IP设置为127.0.0.1 例如" % ('/www/server/redis/redis.conf'), @@ -466,10 +481,11 @@ def redis_security(self): "type": "password", "harm": "高", "level": "3", + "repaired": "0", "name": "Redis 查看是否设置密码", "file": '/www/server/redis/redis.conf', "Suggestions": "加固建议, 在%s 中的为未设置密码 例如" % ('/www/server/redis/redis.conf'), - "repair": "requirepass requirepass@#$$%#@%#@!!", + "repair": "requirepass requirepassQWERQQQQQQQ", "rule": [ {"re": "\nrequirepass\s*(.+)", "check": {"type": "string", "value": []}}] } @@ -482,10 +498,11 @@ def redis_security(self): "type": "password", "harm": "高", "level": "3", + "repaired": "0", "name": "Redis 存在弱密码", "file": '/www/server/redis/redis.conf', "Suggestions": "加固建议, 在%s 中requirepass 设置为强密码" % ('/www/server/redis/redis.conf'), - "repair": "requirepass requirepass@#$$%#@%#@!!", + "repair": "requirepass requirepassQWERQQQQQQQ", "rule": [ {"re": "\nrequirepass\s*(.+)", "check": {"type": "string", "value": ['123456', 'admin', 'damin888']}}] } @@ -500,6 +517,7 @@ def redis_security(self): "type": "password", "harm": "高", "level": "3", + "repaired": "0", "name": "Redis 版本低于最新版本", "file": '/www/server/redis/redis.conf', "Suggestions": "加固建议,升级到最新版的redis", @@ -511,6 +529,19 @@ def redis_security(self): # memcached 配置安全 def memcache_security(self): ret = [] + memcache_bind = { + 'id': 46, + "type": "file", + "harm": "高", + "level": "3", + "repaired": "0", + "name": "Memcache 监听IP为0.0.0.0", + "file": '/etc/init.d/memcached', + "Suggestions": "加固建议, 在%s 中的监听IP设置为127.0.0.1 例如" % ('/etc/init.d/memcached'), + "repair": "IP=127.0.0.1", + "rule": [ + {"re": "\nIP\s?=\s?(.+)", "check": {"type": "string", "value": ['0.0.0.0']}}] + } if self.check_san_baseline(self.__repair['46']): ret.append(self.__repair['46']) return ret @@ -543,6 +574,7 @@ def mysql_security(self): 'id': 47, "type": "password", "harm": "高", + "repaired": "0", "level": "3", "name": "Mysql root密码为弱密码", "file": '/etc/init.d/memcached', @@ -556,6 +588,7 @@ def mysql_security(self): 'id': 48, "type": "password", "harm": "高", + "repaired": "0", "level": "3", "name": "3306 端口对外开放", "file": '/etc/init.d/memcached', @@ -570,9 +603,10 @@ def mysql_security(self): 'id': 49, "type": "password", "harm": "高", + "repaired": "0", "level": "3", "name": "Mysql 存在外部连接用户", - "file": '/etc/init.d/memcached', + "file": '/etc/my.local', "Suggestions": "加固建议: 进入数据库查看mysql用户表", "repair": e, } @@ -592,10 +626,9 @@ def user_security(self): # 存在非root 的管理员用户(危险) get_root_0 = { 'id': 53, - "Suggestions":"加固建议:删除其他的UID为的0用户", - "repair":"除root以为的其他的UID为0的用户的应该删除。或者为其分配新的UID", "type": "shell", "harm": "紧急", + "repaired": "0", "level": "5", "name": "存在非root 的管理员用户(危险)", "ps": "除root以为的其他的UID为0的用户的应该删除。或者为其分配新的UID", @@ -615,6 +648,7 @@ def user_security(self): 'id': 56, "type": "file", "harm": "中", + "repaired": "0", "level": "2", "name": "系统存在空密码的用户", "file": "/etc/login.defs ", @@ -666,9 +700,10 @@ def tasks_security(self): task ={ 'name': "异常计划任务", "harm": "高", + "repaired": "0", "level": 3, - "repair": "排查清楚计划任务是否非正常", - "Suggestions":"加固建议:请排查是否是异常下载", + "repair": "请排查是否是异常下载", + "Suggestions":"请排查是否是异常下载", 'list': i2 } ret.append(task) @@ -690,7 +725,7 @@ def system_dir_security(self): 'id': 58, "type": "chmod", "file": "/etc/shadow", - "chmod": [400], + "chmod": [400,000], "user": ['root'], 'group': ['root'] }, { @@ -704,7 +739,7 @@ def system_dir_security(self): 'id': 60, "type": "chmod", "file": "/etc/gshadow", - "chmod": [400], + "chmod": [400,000], "user": ['root'], 'group': ['root'] }, { @@ -777,6 +812,7 @@ def system_dir_security(self): ret1 = { 'id':i['id'], "harm": "高", + "repaired": "1", "type": "file", "name": "系统关键性文件权限错误%s" % i['file'], "Suggestions": "加固建议 : %s 权限改为%s 所属用户为%s" % (i['file'], i['chmod'], i['user']), @@ -846,40 +882,32 @@ def site_security(self): site = { "user_ini":False, "level":1, + "repaired": "0", "name":'%s该站点未启用SSL' % i['name'], "ssl":ssl, "tls":tls, "harm":"警告", } if not ssl: - site['Suggestions']='加固建议使用https为访问方式' - site['repair']='https 强制模式' site['ps'] = '%s该站点未启用SSL' % i['name'] else: if tls: - site['Suggestions'] = '加固建议: 建议使用TLS1.2及以上的安全协议' - site['repair']='TLS1.2 或者TLS1.3' - site['name']='%s该站点启用了不安全的SSL协议LSv1 或者LSv1.1' % i['name'] site['ps'] = '%s该站点启用了不安全的SSL协议LSv1 或者LSv1.1' % i['name'] site_secr.append(site) else: site = { - "user_ini": True, + "user_ini": False, "level": 1, + "repaired": "0", "name": '%s该站点未启用SSL' % i['name'], "ssl": ssl, "tls": tls, "harm": "警告", } if not ssl: - site['Suggestions']='加固建议使用https为访问方式' - site['repair']='https 强制模式' site['ps'] = '%s该站点未启用SSL' % i['name'] else: if tls: - site['Suggestions'] = '加固建议: 建议使用TLS1.2及以上的安全协议' - site['repair']='TLS1.2 或者TLS1.3' - site['name']='%s该站点启用了不安全的SSL协议LSv1 或者LSv1.1' % i['name'] site['ps'] = '%s该站点启用了不安全的SSL协议LSv1 或者LSv1.1' % i['name'] site_secr.append(site) resutl['site_list'] = site_secr @@ -1007,6 +1035,7 @@ def site_curl_security(self): if ret.status_code != 200: ret_status = { "type": "site", + "repaired": "0", "name": "%s站点通过本机访问失败" % i['nane'], "harm": "警告", 'level':"1", @@ -1029,6 +1058,7 @@ def Nginx_Apache_security(self): "name": "Nginx 版本泄露", "harm": "低", 'level': "1", + "repaired": "0", "file": '/www/server/nginx/conf/nginx.conf', "Suggestions": "加固建议, 在%s expose_php的值修改为Off中修改" % ('/www/server/nginx/conf/nginx.conf'), "repair": "expose_php = Off", @@ -1044,6 +1074,7 @@ def Nginx_Apache_security(self): 'id': 71, "type": "file", 'level': "1", + "repaired": "0", "name": "Nginx 版本过低", "harm": "低", "file": '/www/server/nginx/conf/nginx.conf', @@ -1212,9 +1243,13 @@ def get_ssh_errorlogin(self, get): day_count+=1 else: continue + + #data['intrusion'].append(l); + #data['intrusion_total'] += 1; elif l.find('Accepted') != -1: if len(data['success']) > limit: del (data['success'][0]); data['success'].append(l); + # data['success_total'] += 1; l = fp.readline(); data['intrusion_total'] = day_count months = {'Jan': '01', 'Feb': '02', 'Mar': '03', 'Apr': '04', 'May': '05', 'Jun': '06', 'Jul': '07', 'Aug': '08', 'Sep': '09', 'Oct': '10', 'Nov': '11', 'Dec': '12'} @@ -1263,7 +1298,8 @@ def repair(self,get): # 修复全部 def repair_all(self,get): for i in self.__repair: - self.repair_san_baseline(self.__repair[i]) + if self.__repair[i]['repaired']=='1': + self.repair_san_baseline(self.__repair[i]) return True if __name__ == '__main__': diff --git a/data/repair.json b/data/repair.json index b96cf082..75d9c4e0 100644 --- a/data/repair.json +++ b/data/repair.json @@ -3,6 +3,7 @@ "id": 1, "type": "file", "harm": "高", + "repaired": "1", "level": "3", "name": "确保SSH MaxAuthTries 设置为3-6之间", "file": "/etc/ssh/sshd_config", @@ -27,6 +28,7 @@ }, "2": { "id": 2, + "repaired": "1", "type": "file", "harm": "高", "level": "3", @@ -53,6 +55,7 @@ }, "3": { "id": 3, + "repaired": "1", "type": "file", "harm": "高", "level": "3", @@ -79,6 +82,7 @@ }, "4": { "id": 4, + "repaired": "1", "type": "file", "harm": "高", "level": "3", @@ -104,6 +108,7 @@ }, "5": { "id": 5, + "repaired": "1", "type": "file", "harm": "高", "level": "3", @@ -129,6 +134,7 @@ }, "6": { "id": 6, + "repaired": "1", "type": "file", "name": "SSH使用默认端口22", "harm": "高", @@ -155,6 +161,7 @@ }, "13": { "id": 13, + "repaired": "1", "harm": "高", "level": "3", "type": "chmod", @@ -166,6 +173,7 @@ }, "14": { "id": 14, + "repaired": "1", "harm": "高", "level": "3", "type": "chmod", @@ -177,6 +185,7 @@ }, "15": { "id": 15, + "repaired": "1", "harm": "高", "level": "3", "type": "chmod", @@ -188,6 +197,7 @@ }, "16": { "id": 16, + "repaired": "1", "harm": "高", "level": "3", "type": "chmod", @@ -199,6 +209,7 @@ }, "17": { "id": 17, + "repaired": "1", "harm": "高", "level": "3", "type": "chmod", @@ -210,6 +221,7 @@ }, "18": { "id": 18, + "repaired": "1", "harm": "高", "level": "3", "type": "chmod", @@ -221,6 +233,7 @@ }, "19": { "id": 19, + "repaired": "1", "harm": "高", "level": "3", "type": "chmod", @@ -232,6 +245,7 @@ }, "20": { "id": 20, + "repaired": "1", "harm": "高", "level": "3", "type": "chmod", @@ -243,6 +257,7 @@ }, "21": { "id": 21, + "repaired": "1", "harm": "高", "level": "3", "type": "chmod", @@ -254,6 +269,7 @@ }, "22": { "id": 22, + "repaired": "1", "harm": "高", "level": "3", "type": "chmod", @@ -265,6 +281,7 @@ }, "23": { "id": 23, + "repaired": "1", "harm": "高", "level": "3", "type": "chmod", @@ -276,6 +293,7 @@ }, "24": { "id": 24, + "repaired": "1", "harm": "高", "level": "3", "type": "chmod", @@ -287,6 +305,7 @@ }, "25": { "id": 25, + "repaired": "1", "type": "file", "harm": "中", "level": "2", @@ -312,6 +331,7 @@ }, "26": { "id": 26, + "repaired": "1", "type": "file", "harm": "中", "level": "2", @@ -337,6 +357,7 @@ }, "27": { "id": 27, + "repaired": "1", "type": "file", "harm": "中", "level": "2", @@ -362,6 +383,7 @@ }, "28": { "id": 28, + "repaired": "1", "type": "file", "harm": "中", "level": "2", @@ -387,6 +409,7 @@ }, "29": { "id": 29, + "repaired": "1", "type": "file", "harm": "中", "level": "2", @@ -413,6 +436,7 @@ "30": { "id": 30, "type": "file", + "repaired": "1", "harm": "中", "level": "2", "name": "PHP 7.0 版本泄露", @@ -437,6 +461,7 @@ }, "31": { "id": 31, + "repaired": "1", "type": "file", "harm": "中", "level": "2", @@ -462,6 +487,7 @@ }, "32": { "id": 32, + "repaired": "1", "type": "file", "harm": "中", "level": "2", @@ -487,6 +513,7 @@ }, "32.5": { "id": 32.5, + "repaired": "1", "type": "file", "harm": "中", "level": "2", @@ -512,6 +539,7 @@ }, "33": { "id": 33, + "repaired": "1", "type": "file", "harm": "严重", "level": "5", @@ -539,6 +567,7 @@ }, "34": { "id": 34, + "repaired": "1", "type": "file", "harm": "严重", "level": "5", @@ -566,6 +595,7 @@ }, "35": { "id": 35, + "repaired": "1", "type": "file", "harm": "严重", "level": "5", @@ -593,6 +623,7 @@ }, "36": { "id": 36, + "repaired": "1", "type": "file", "harm": "严重", "level": "5", @@ -620,6 +651,7 @@ }, "37": { "id": 37, + "repaired": "1", "type": "file", "harm": "严重", "level": "5", @@ -647,6 +679,7 @@ }, "38": { "id": 38, + "repaired": "1", "type": "file", "harm": "严重", "level": "5", @@ -676,6 +709,7 @@ "id": 39, "type": "file", "harm": "严重", + "repaired": "1", "level": "5", "name": "PHP 7.1 中存在危险函数未禁用", "file": "/www/server/php/71/etc/php.ini", @@ -702,6 +736,7 @@ "40": { "id": 40, "type": "file", + "repaired": "1", "harm": "严重", "level": "5", "name": "PHP 7.2 中存在危险函数未禁用", @@ -728,6 +763,7 @@ }, "40.5": { "id": 40.5, + "repaired": "1", "type": "file", "harm": "严重", "level": "5", @@ -755,6 +791,7 @@ }, "41": { "id": 41, + "repaired": "0", "type": "dir", "harm": "高", "level": "3", @@ -772,6 +809,7 @@ }, "42": { "id": 42, + "repaired": "0", "type": "file", "harm": "高", "level": "3", @@ -795,58 +833,9 @@ } ] }, - "43": { - "id": 43, - "type": "file", - "harm": "高", - "level": "3", - "name": "Redis 查看是否设置密码", - "file": "/www/server/redis/redis.conf", - "Suggestions": "加固建议, 在/www/server/redis/redis.conf 中的监听IP设置为127.0.0.1 例如", - "repair": "bind 127.0.0.1", - "rule": [ - { - "re": "\nrequirepass\\s*(.+)", - "check": { - "type": "string", - "value": [] - } - } - ], - "repair_loophole": [ - { - "re": "\nrequirepass\\s*(.+)", - "check": "\nrequirepass requirepass@#$$%#@%#@!!" - } - ] - }, - "44": { - "id": 44, - "type": "file", - "harm": "高", - "level": "3", - "name": "Redis 是否是弱密码", - "file": "/www/server/redis/redis.conf", - "Suggestions": "加固建议, 在/www/server/redis/redis.conf 中的监听IP设置为127.0.0.1 例如", - "repair": "bind 127.0.0.1", - "rule": [ - { - "re": "\nrequirepass\\s*(.+)", - "check": { - "type": "string", - "value": [ "123456", "admin", "damin888" ] - } - } - ], - "repair_loophole": [ - { - "re": "\nrequirepass\\s*(.+)", - "check": "\nrequirepass requirepass@#$$%#@%#@!!" - } - ] - }, "46": { "id": 46, + "repaired": "0", "type": "file", "harm": "高", "level": "3", @@ -873,6 +862,7 @@ "50": { "id": 50, "type": "file", + "repaired": "1", "harm": "中", "level": "2", "name": "SSH 密码复杂度检查", @@ -899,6 +889,7 @@ "51": { "id": 51, "type": "file", + "repaired": "1", "harm": "高", "level": "3", "name": "SSH 用户设置时间失效时间", @@ -925,6 +916,7 @@ "52": { "id": 52, "type": "file", + "repaired": "1", "harm": "中", "level": "2", "name": "设置密码修改最小间隔时间", @@ -950,6 +942,7 @@ }, "54": { "id": 54, + "repaired": "1", "type": "file", "harm": "中", "level": "2", @@ -977,6 +970,7 @@ }, "55": { "id": 55, + "repaired": "1", "type": "file", "harm": "中", "level": "2", @@ -1003,6 +997,7 @@ }, "57": { "id": 57, + "repaired": "1", "harm": "高", "level": "3", "type": "chmod", @@ -1015,6 +1010,7 @@ "58": { "id": 58, "harm": "高", + "repaired": "1", "level": "3", "type": "chmod", "chmod": "400", @@ -1025,6 +1021,7 @@ }, "59": { "id": 59, + "repaired": "1", "harm": "高", "level": "3", "type": "chmod", @@ -1036,6 +1033,7 @@ }, "60": { "id": 60, + "repaired": "1", "harm": "高", "level": "3", "type": "chmod", @@ -1047,6 +1045,7 @@ }, "61": { "id": 61, + "repaired": "1", "harm": "高", "level": "3", "type": "chmod", @@ -1058,6 +1057,7 @@ }, "62": { "id": 62, + "repaired": "1", "harm": "高", "level": "3", "type": "chmod", @@ -1069,6 +1069,7 @@ }, "63": { "id": 63, + "repaired": "1", "harm": "高", "level": "3", "type": "chmod", @@ -1080,6 +1081,7 @@ }, "64": { "id": 64, + "repaired": "1", "harm": "高", "level": "3", "type": "chmod", @@ -1092,16 +1094,18 @@ "66": { "id": 66, "harm": "高", + "repaired": "1", "level": "3", "type": "chmod", "chmod": "755", "user": "root", "group": "root", - "file": "/etc/rc.d", + "file": "/www/wwwroot", "name": "系统关键性文件权限错误/www/wwwroot" }, "67": { "id": 67, + "repaired": "1", "harm": "高", "level": "3", "type": "chmod", @@ -1113,6 +1117,7 @@ }, "68": { "id": 68, + "repaired": "1", "harm": "高", "level": "3", "type": "chmod", @@ -1124,6 +1129,7 @@ }, "69": { "id": 69, + "repaired": "1", "level": "3", "harm": "高", "type": "chmod", diff --git a/requirements.txt b/requirements.txt index 78e8ef32..b358d6fb 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1 +1 @@ -Flask<1 +Flask~>1 diff --git a/task.py b/task.py index 6d2d3096..f486567c 100644 --- a/task.py +++ b/task.py @@ -1,3 +1,4 @@ +#!/bin/python #coding: utf-8 # +------------------------------------------------------------------- # | 宝塔Linux面板