Member "cgiwrap-4.1/doc/changes" (16 Jun 2008, 17654 Bytes) of package /linux/www/old/cgiwrap-4.1.tar.gz:


                            CGIWrap - Change Log

   These are some of the changes that have occurred in CGIWrap from version
   to version.

  New in version 4.1:

     * Added support for specifying a character set to use for cgiwrap
       output to address a vulnerability in how IE handles documents
       without a charset specified. The vulnerability allowed cross site
       scripting when cgiwrap URLs were accessed from a Japanese (JA)
       version of IE. To specify the charset to use, provide the
       "--with-charset=X" option to configure when building cgiwrap. It
       will default to iso-8859-1 if not specifically set.

  New in version 4.0:

     * Bumped version number to 4.0 to deal with screwed up release
       numbering of earlier versions.
     * Added --with-soft-rlimits-only option based on patch from
       jplinderman@sf.net.
     * Added --with-block-svn-paths and --with-block-cvs-paths options to
       prevent execution of files in those dirs.
     * Added --with-eruby-interpreter option from BlackSun, Inc.
     * Added support for setting SIGXCPU even when sigset unavailable -
       from BlackSun, Inc.
     * Fixed some warnings.
     * Added support for overriding DESTDIR to install in a separate dir
       (for packaging), from debian/d3xter.

  New in version 3.10:

     * Applied several patches from Javier Fernandez-Sanguino Peña for
       information-disclosure security. Removes additional output when
       quiet errors is enabled.
     * Fixed setting of LD_LIBRARY_PATH when configured to do so.
     * Fixed setting of ARGV for both regular and interpreted scripts when
       script is in a subdir. Cleaned up code related to this based on a
       patch from Jack.
     * Updated autoconf helpers to a much newer release.

  New in version 3.9:

     * Fixed a minor typo preventing allow files from working.
     * Added support for +@netgroup syntax optionally in allow/deny files.
     * Fixed problem with php-nonexec-only not working properly since the
       exec check was done too late.
     * Applied Piotr's patch for support of newer PHP versions.
     * Added support for ASP interpreter execution, similar to PHP
       support.
     * Fixed content of PATH_INFO when it should be / or undefined. Based
       on patch from Cliff Woolley.

  New in version 3.8:

     * Merged in special handling for PHP scripts by popular demand. This
       is based mostly on Piotr Klaban's php-cgiwrap patch, with minor
       changes.
     * Added options for PHP support: --with-php-interpreter and
       --with-php-cgiwrap.
     * Rewrote the path translated support. Is it finally correct?
     * Patch from san@cobalt.rmnet.it to use REDIRECT_URL if available for
       SCRIPT_NAME.
     * Added support for access control files specific to each HTTP_HOST,
       useful for ISPs using Apache handlers to run CGIs that want to
       restrict which userids can run CGIs on certain vhosts. If enabled,
       the vhost access control files must exist.
     * Added option to require that REDIRECT_URL be specified in the
       environment. Can be used to require that cgiwrap be invoked via a
       handler/action or some other internal Apache redirection/rewrite.
       Primarily of use when invoking CGIs for virtual hosts via
       Action/SetHandler.
     * Modified san's REDIRECT_URL support to be --with-use-redirect-url
       instead of --with-check-redirect-url, since it's more a functional
       change, not a security check.
     * Added a --with-quiet-errors option to allow significantly
       restricting the amount of internal information that an error
       message displays.
     * Added ability to override the vhost that cgiwrap uses via an
       optional CGIWRAP_AUTH_VHOST env var, which, if present and the
       feature is enabled, will be used instead of HTTP_HOST. This is
       useful for when you have wildcard servernames in Apache. Enable the
       --with-vhost-override option if you want this capability. Only
       applicable if the vhost allow/deny dir is enabled.
     * Added ability to only allow scripts run by a specific userid if the
       CGIWRAP_REQUIRE_USER env var is specified and the
       --with-env-require-user feature is enabled.
     * Changed to autoconf 2.5 style templates and eliminated acconfig.h.
     * Added option to enable the special PHP support only for
       non-executable files.
     * Added modified patch by Gabriel Ambuehl to use SCRIPT_URL for
       SCRIPT_NAME generation.

  New in version 3.7.1:

     * Added --with-minimum-gid option to check minimum user GID and
       auxiliary groups. This is in response to complaints on BugTraq
       about suexec not checking auxgroups.

  New in version 3.7:

     * Encode user supplied output in error messages to fix cross-site
       scripting vulnerability reported by Hiromitsu Takagi.
     * Minor warning cleanup.
     * Slight improvement to a couple of diagnostic messages.
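
   The two XSS-related changes above (3.7: encode user-supplied text before
   it is echoed in an error message; 4.1: always declare a charset) in
   working C, as an added example that is not CGIWrap's own code. The
   function names are assumptions; the default charset value is the one the
   changelog states:

```c
/* Added example, not CGIWrap's own code: the two pieces of the XSS fixes
 * named in 3.7 (escape user-supplied text before echoing it in an error
 * page) and 4.1 (always state a charset). Function names are assumptions;
 * the default charset value is the one the changelog gives. */
#include <stdio.h>
#include <string.h>

#define CGIWRAP_CHARSET "iso-8859-1"  /* --with-charset default per the changelog */

/* Escape &, <, >, " and ' as entities. Returns the bytes needed (without NUL);
 * if that is >= outlen the result was truncated at an entity boundary. */
size_t html_encode(const char *in, char *out, size_t outlen) {
    size_t need = 0, w = 0;
    for (; *in; in++) {
        char one[2] = { *in, '\0' };
        const char *rep = one;
        switch (*in) {
        case '&':  rep = "&amp;";  break;
        case '<':  rep = "&lt;";   break;
        case '>':  rep = "&gt;";   break;
        case '"':  rep = "&quot;"; break;
        case '\'': rep = "&#39;";  break;
        }
        size_t l = strlen(rep);
        if (w + l < outlen) { memcpy(out + w, rep, l); w += l; }
        need += l;
    }
    if (outlen) out[w] = '\0';
    return need;
}

/* Build a complete error response: the Content-Type header carries the
 * charset so the browser does not sniff one, and the untrusted value
 * (e.g. the script name taken from PATH_INFO) is escaped before echoing.
 * "title" is cgiwrap's own fixed message text, never user input. */
int render_error_page(const char *title, const char *untrusted,
                      char *out, size_t outlen) {
    char safe[1024];
    html_encode(untrusted, safe, sizeof safe);
    return snprintf(out, outlen,
        "Content-Type: text/html; charset=%s\r\n\r\n"
        "<html><head><meta http-equiv=\"Content-Type\" "
        "content=\"text/html; charset=%s\"></head>\n"
        "<body><h1>CGIWrap Error: %s</h1>\n<p>%s</p></body></html>\n",
        CGIWRAP_CHARSET, CGIWRAP_CHARSET, title, safe);
}
```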

  New in version 3.6.5:

     * Fixed small problem with glibc2.1 and errno.h vs. sys/errno.h.
     * Added simple chroot support for expert installations.
     * Applied fix for path translated, removed option for not enabling
       correct path_translated value.
     * Added multiuser cgi script directory support.
     * Added patch from Scott Sutherland for fixing parsing of auth files.
     * Added patch from Christian Kruse for better symlink handling.

  New in version 3.6.4:

     * Changed license to GPL finally.
     * Fixed netmask comparison.
     * Added anonymous CVS server info.
     * Updates from David Hollenberg for misc. error checking/handling and
       overflow protection.
     * Added check for making sure cgiwrap is setuid and printing out a
       usable error message if not.
     * Now prints out path to access control files if one or both are
       missing.
     * Slight changes to aux groups code just in case setgroups() doesn't
       support an empty list.
     * Added some extra info to server userid error message.
     * Added some info to the FAQ.

  New in version 3.6.3:

     * Added support for checking if user has a valid shell, similar to
       what ftpd does. The BSD licensed getusershell.o has been included
       for support where needed.
     * Bug fix for SEGV condition when certain syntax is used for the
       request. It did not appear exploitable, but would cause cgiwrap to
       core as root. Thanks to Michael Bryan (michael@blueneptune.com) for
       the fix.

  New in version 3.6.2:

     * Fixed the !logfd check. Thanks to Alexander Wolgast for pointing
       this out.
     * Added support for reporting rusage/return code after executing
       script.
     * Changed logging to use close-on-exec flag of file descriptor, so it
       can be left open for reporting rusage if enabled.
     * Added support for reporting approximate elapsed execution time of a
       cgi script.

  New in version 3.6.1:

     * Fixed the UserInFile routine. It broke because I forgot to remove
       newlines.

  New in version 3.6:

     * Removed check for ./ in the path of the script. The check for ../
       is still there. There doesn't seem to be any need for this check as
       it appears to be harmless. It is being removed to allow users
       with "./" in their home dir (for chrooting with wuftpd) to be able
       to use cgiwrap.
     * Added code to optionally prevent script execution if the script is
       group or world writable. I cannot make the check for world writable
       forced on, since on my site using AFS, the permission bits aren't
       used, and some scripts might be marked as world writable. Can't
       break user scripts without a major hassle.
     * Added code to optionally check if script file is a symbolic link.
       Of course, the script dir itself could still be a symbolic link.
     * Changed to GNU autoconf for configuration.
     * Makefile now supports 'install' target if --install-path is
       specified with configure.
     * Support added for setting PATH and TZ environment variables before
       executing script.
     * Support added for setting a bunch of different RLIMIT_ parameters
       before executing script, as well as allowing the administrator to
       set the limits with the --with-rlimit-*=value option to configure.
     * Error messages are now more verbose and output in HTML if possible.
     * Support for calling script using system() has been removed as it is
       not really needed for anything, and just slows things down.
     * Fixed malloc() error check in GetUserDir routines.
     * Fixed race condition with permissions and opening of log file.
     * initgroups() and setgroups() support now enabled by default.
     * Eliminated buffer overrun in error message about chmod'ing script.
       Thanks to Duncan Simpson (dps@io.stargate.co.uk).
     * Added --with-minimum-uid option.
     * Fixed the subdirectory restrict option. (Thanks to Jeffery Chow for
       pointing this out and for testing the fix.)
     * Added CondenseSlashes routine to eliminate doubled and trailing
       slashes.
     * Added SafeMalloc routine to eliminate the need to check malloc
       result throughout the code.
     * Changed tardist target to touch all files and directories so that a
       consistent time stamp is reached. This should eliminate spurious
       calls to autoheader when building cgiwrap.
     * Added in code to configure.in for the various information options
       such as local-site-url, local-contact-phone, etc.
     * Added fcntl.h include, needed by open(). Problem reported by Seth
       Chaiklin. Also fixed quoting in the configure.in related to log
       file.
     * Finished splitting up logging functions and changes to use the
       Context structure.
     * Minor changes to the makefile, including telling it to use the
       CFLAGS, and improving the tardist target.
     * Moved extra flag stuff for AFS into its own section and only run
       it if needed for AFS support.
     * Not sure why, but 3.6 works with AIX 4, 3.5 did not.
     * Cleaned up Makefile, finished support for building in a separate
       directory from the source, added a 'dep' target using depend.awk
       from the mutt distribution.
     * Fixed problem with CHECKHOST/CHECKHOSTS typos.
     * Added support for using "*" with checkhost support to restrict ALL
       userids from being accessed from that host. (*@x.x.x.x/y.y.y.y)
     * Made 'no way to change uids' a compile time error with #error.
     * Fixed bug with ALLOWFILE define in util.c.

  New in version 3.5:

     * Fixed strerror checking in Configure script and util.c for systems
       without strerror; can now use strerror, sys_errlist, perror, or
       just errno.
     * Major documentation overhaul, created all HTML based docs.
     * Added option (defaulting to yes) to correctly set the
       PATH_TRANSLATED environment variable.
     * Fixed bug with the configure script and the use_system option. It
       would cause a preprocessor error if the system call was not found.
     * Cleaned up various things with the Configure script.
     * Changed file prompting to allow using ~ paths.

  New in version 3.4:

     * Fixed typo "&" instead of "&&" in setgroups stuff.
     * Added cgiwrap.aliases option to rewrite home dirs of users.
     * Moved entire cgiwrap source build tree to CVS, will make tracking
       changes easier.
     * CGIwrap now changes directories to the directory the script is
       located in before executing the script. Before, it always just
       changed to the main CGI directory. This behavior is only different
       if you were using scripts in subdirectories.
     * Changed style of cgiwrap.allow, cgiwrap.deny files to be the same
       as cron's allow/deny files.

  New in version 3.3:

     * Added support for attaching a label to syslog log messages.
     * Added code to rewrite the PATH_TRANSLATED environment variable.

  New in version 3.24:

     * Added support for logging to syslog.

  New in version 3.23:

     * Setgroups was being used no matter what you said in configure -
       fixed.
     * Problem with undefined variables in Log call for subdirectories -
       fixed.
     * Removed declaration of sys_errlist and errno in util.c, since I
       don't think they were necessary, and they were causing problems on
       some architectures.
     * Added in user contributed host address checking code.
     * Upgraded to using dist-3.0 PL60 for building the Configure script.
     * Separated initgroups() and setgroups() checks into two separate
       defines, and improved documentation in configure script for these
       options.

  New in version 3.22:

     * argv[0] is now automatically changed to the name of the script that
       is being executed.

  New in version 3.21:

     * Rlimit defines weren't set properly when rlimit not available -
       fixed.
     * The optimizer/debugger flag wasn't being used in the makefile -
       fixed.
     * Defaults for checks (y/n) were not being set - fixed.

  New in version 3.2:

     * MAJOR code cleanup and simplification. The code should be a lot
       easier to read and understand.
     * Fixed the problem in the Makefile on certain architectures with the
       $(var) not being escaped properly. This should solve problems with
       Linux machines and BSD machines that I know of.
     * Changed the way PATH_INFO is modified; CGIwrap will now correct
       SCRIPT_NAME for ?user=USER&script=SCRIPT type requests as well as
       /user/script type requests.
     * Subdirectories are now supported for both types of requests.
     * Debugging output has been condensed and is a little easier to read.
     * Documentation has been reworked; it should be a little easier to
       use.
     * Fixed prototypes for all the functions in the cgiwrap source.
     * Removed a few unnecessary routines.
     * Changed "mystrcpy" to be "strdup", and it is compiled only if the
       current architecture does not have strdup available in its
       standard library.

  New in version 3.11:

     * Fixed incorrectly indented # directives that were causing problems
       with some machines.

  New in version 3.1:

     * Added CONF_ALLOWFILE and CONF_DENYFILE options.
     * Added logging of REMOTE_USER and a status message to the log file.
     * Added an unsupported directory for user contributed scripts and
       add-ons.
     * Restructured logic for which 'set' method gets used.
     * Removed option to not check if gid changed; it was an oversight
       that this was left in. There isn't any case I know of in which you
       wouldn't want to check this.
     * Moved id setting routines into util.c.
     * Added new source file for allow/deny code.
     * Removed some error output that didn't make sense (system error
       messages that were getting returned when I issued a regular cgiwrap
       error).
     * Added a 'remake' target to the makefile which does a clean, then a
       Configure -S, then a make all to rebuild the entire binary. This is
       useful if you have multiple config.sh files (e.g. you're building
       for several setups from the same dir).

  New in version 3.0:

     * Set up Configure scripts for CGIwrap.
     * Renamed many of the config options to make them more consistent.
     * Rearranged directory structure of CGIwrap distribution.
     * Removed "CONF_SANITIZE" option; it is always on now.
     * Removed "CONF_CHECK_UID" option; it is always on now.
     * Removed "CONF_FORCE_DEBUG" option and "CONF_DEBUG_BY_NAME" option;
       cgiwrap automatically does debugging output by name now.
     * Added info about setting up an access-controlled cgiwrap which
       allows users to control access to their scripts.
     * Renamed DEBUG to CONF_DEBUG to solve a compile problem with some
       systems wanting to add -DDEBUG to CFLAGS.

  New in version 2.7:

     * Added HTTPD_USER and CHECK_HTTPD_USER to verify that cgiwrap is
       being called by the server. This is for (access to scripts)
       security; it doesn't affect system security any.
     * Added AFS PAG support.

  New in version 2.6:

     * Moved rlimit call into new subroutine SetLimits.
     * Changed exec call to an execv and passed argv to support argument
       passing. This will only work correctly for scripts called with no
       other arguments... e.g., must use "cgiwrap/user/script?" syntax.

  New in version 2.5:

     * Fixed problem with not correctly falling back from PATH_INFO.
     * Added SETUID_SETEUID option for setting UIDs.
     * Added checks to make sure effective ugid changed as well as real.

  New in version 2.4:

     * Fixed incorrect exec call, added null at end.

  New in version 2.3:

     * Fixed location of setgroups() call.
     * Added INSTALL file and fixed PROMO that was old.

  New in version 2.2:

     * More debug output for environment variables.
     * Option to check exec bit on script and error msg if not set.

  New in version 2.1:

     * Fixed ~ bug.
     * Added PATH_INFO and SCRIPT_NAME rewrite code.
     * Added SETGROUPS option to config.
     * Added RLIMIT option to config.

  New in version 2.0:

     * Added support for PATH_INFO specification of user/script.
     * Added stderr redirection to stdout.
     * Added option for doing debugging output by cmd name.
     * Added option to use exec or system calls.

  New in version 1.0:

     * Everything! This is the first public distribution.