"access content" is too broad of permissions for site audit report

[jrglasgow]

I see that the permission for the site audit report is "access content" which would mean on a site where the general public (anonymous users) can "access content" then they would be able to see the site audit report. The site audit report as designed will show information that we don't want the general public to know, especially when there are module that need security updates.

I would suggest the permission "administer site configuration" which is what that Status Report uses.

[socketwench]

Hmmmmm. That's better, although I feel we should define our own permissions instead. I would like to make 3.x into a standard Drupal module if possible so that reports can be run from the webUI. Drush and Drupal Console integration would still be there, but not the one all and be all.