Problem/Motivation

Add the security check for Anonymous/Authenticated role permission.

Steps to reproduce

Proposed resolution

Proposed Resolution
Create FitCheck Plugin:  AnonymousAuthenticatedPermissions 
• Group: Security
• Purpose: Detect and flag dangerous permissions assigned to Anonymous and Authenticated roles.
Checks to Implement
• Identify high-risk permissions assigned to the roles, including but not limited to:
• Any “administer *” permissions (e.g., administer users, administer permissions, administer site configuration).
• “delete any *” or “delete own *” content permissions granted to anonymous users.
• Permissions that allow bypassing normal access controls, such as “bypass node access”.
• Access to admin pages or toolbar permissions (e.g., “access administration pages”, “access toolbar”).
• Permissions related to code execution such as “execute php code”.
• Other critical permissions that pose similar high risks.
Plugin Behavior and Output
• When dangerous permissions are found:
• Return a  FitResult with a high or critical weight indicating the severity.
• Provide a detailed message listing all problematic permissions discovered.
• Include a help message describing remediation steps, such as removing unnecessary permissions or restricting them to trusted roles only.

Remaining tasks

User interface changes

API changes

Data model changes

CommentFileSizeAuthor
#6 3558248-6.patch14.51 KBshubham.prakash

Comments

anmolgoyal74 created an issue. See original summary.

anmolgoyal74’s picture

Title: Drupal FIT Security Checks » Add check for Anonymous/Authenticated role permission
harivansh’s picture

Issue summary: View changes
harivansh’s picture

Issue summary: View changes
shubham.prakash’s picture

Assigned: Unassigned » shubham.prakash
shubham.prakash’s picture

StatusFileSize
new14.51 KB
shubham.prakash’s picture

Assigned: shubham.prakash » Unassigned
Status: Active » Needs review
harivansh’s picture

Status: Needs review » Fixed

Now that this issue is closed, review the contribution record.

As a contributor, attribute any organization that helped you, or if you volunteered your own time.

Maintainers, credit people who helped resolve this issue.

harivansh’s picture

Status: Fixed » Closed (fixed)