Update of /cvsroot/mhonarc/mhonarc/MHonArc
In directory subversions:/tmp/cvs-serv8630
Modified Files:
	CHANGES FILELIST
Log Message:
* New resources:
    DBFILEPERMS    File permissions for DBFILE.
    FILEPERMS      File permissions for archive files.

* Archive file creation modified to minimize the local symlink exploits:

  1. A temp file with a random name is first created and written to.
  2. Temp file is compressed if GZIPFILES is active.
  3. Temp file is renamed to final filename.
  4. File permissions are set according to FILEPERMS/DBFILEPERMS.

  Using a random temp filename makes it difficult for someone to predict
  filenames to execute a symlink exploit. The rename operation is immune
  to symlink exploits, hence trying to use well-known names (e.g.
  maillist.html, threads.html) for exploitation will not work.

  Generation of temp files is done via the File::Temp module, if
  installed. If not installed, a homegrown implementation is used.
  Although not as secure and robust as File::Temp, it's better than
  nothing and should provide a decent deterrent.

* Setuid/setgid execution causes mhonarc to terminate with an error.
  Mhonarc does not pass taint checks, so we abort with an error that
  setuid/setgid execution is not supported. MHonArc is too insecure for
  setuid operation and trying to make it setuid-safe would require a lot
  of work and potentially limit a large amount of functionality.

* Added check for Fcntl and File::Basename modules in FILELIST.

* Added stylesheet for documentation. Main page docs updated to include
  class attributes to get desired rendering. Updating resource reference
  pages will be done gradually to leverage style settings. Since there
  are so many pages, it will be done on a page-by-page basis. Maybe I can
  write a perl script that could auto-add class attributes where
  appropriate.
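The four-step write sequence described in the log message, as an added Perl example (not MHonArc's own code): the temp file is created with O_EXCL in the destination directory, written, optionally gzipped, renamed over the final name, and then given FILEPERMS. The FILEPERMS value, the sample paths and the external gzip call are assumptions; the open_exclusive fallback is a sketch of what a homegrown File::Temp replacement has to guarantee, not MHonArc's implementation.

```perl
# Added example (not MHonArc's code): atomic archive-file write following the
# four steps in the commit message. Resource values here are hypothetical.
use strict;
use warnings;
use Fcntl qw(O_WRONLY O_CREAT O_EXCL);
use File::Basename qw(dirname);

my $FILEPERMS = 0644;   # hypothetical FILEPERMS value
my $HAVE_FILE_TEMP = eval { require File::Temp; 1 };

# Fallback when File::Temp is absent: the O_EXCL flag (from Fcntl, which this
# commit adds to FILELIST) makes creation fail instead of following a symlink
# that was planted at a guessed name. rand() is not a cryptographic source,
# so the random name is a deterrent, not a guarantee.
sub open_exclusive {
    my ($dir) = @_;
    for (1 .. 32) {
        my $tmp = "$dir/.mhatmp" . join '', map { ('a'..'z', '0'..'9')[rand 36] } 1 .. 8;
        sysopen(my $fh, $tmp, O_WRONLY | O_CREAT | O_EXCL, 0600) and return ($fh, $tmp);
        die "create $tmp: $!" unless $!{EEXIST};
    }
    die "could not create a temp file in $dir";
}

sub write_archive_file {
    my ($final, $content, $gzip) = @_;
    my $dir = dirname($final);
    # 1. Temp file in the same directory, so the rename stays on one filesystem.
    my ($fh, $tmp) = $HAVE_FILE_TEMP
        ? File::Temp::tempfile('.mhatmpXXXXXXXX', DIR => $dir)
        : open_exclusive($dir);
    print {$fh} $content or die "write $tmp: $!";
    close $fh or die "close $tmp: $!";
    # 2. Compress the temp file if GZIPFILES is active.
    if ($gzip) {
        system('gzip', '-f', $tmp) == 0 or die "gzip $tmp failed";
        $tmp .= '.gz';
    }
    # 3. rename(2) replaces whatever sits at $final, a symlink included, with
    #    our file; it never follows a link, so well-known names are safe.
    rename $tmp, $final or die "rename $tmp -> $final: $!";
    # 4. Permissions go on the final name, which is now known to be our file.
    chmod $FILEPERMS, $final or die "chmod $final: $!";
    return $final;
}

my $demo = '/tmp/mha-demo';                     # constructed sample location
mkdir $demo unless -d $demo;
write_archive_file("$demo/maillist.html", "<html><body>demo</body></html>\n", 0);
```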
Index: CHANGES =================================================================== RCS file: /cvsroot/mhonarc/mhonarc/MHonArc/CHANGES,v retrieving revision 1.85 retrieving revision 1.86 diff -C2 -r1.85 -r1.86 *** CHANGES 17 Nov 2002 03:38:51 -0000 1.85 --- CHANGES 20 Nov 2002 23:53:07 -0000 1.86 *************** *** 21,26 **** &fix_release=2.6.0&chunksz=50> ! * Added CHARSETALIASES resource to define aliases for official ! charset names. * MHonArc::CharEnt: --- 21,28 ---- &fix_release=2.6.0&chunksz=50> ! * New resources: ! CHARSETALIASES Define aliases for official charset names. ! DBFILEPERMS File permissions for DBFILE. ! FILEPERMS File permissions for archive files. * MHonArc::CharEnt: *************** *** 73,76 **** --- 75,101 ---- * m2h_text_html::filter (mhtxthtml.pl): . STYLE and CLASS attributes stripped if nofont argument specified. + + * Archive file creation modified to minimize the local symlink exploits: + + 1. A temp file with a random name is first created and written to. + 2. Temp file is compressed if GZIPFILES is active. + 3. Temp file is renamed to final filename. + 4. File permissions are set according to FILEPERMS/DBFILEPERMS. + + Using a random temp filename makes it difficult for someone to + predict filenames to execute a symlink exploit. The rename operation + is immune to symlink exploits, hence trying to using well-known names + (e.g. maillist.html, threads.html) for exploitation will not work. + + Generation of temp files is done via the File::Temp module, if + installed. If not installed, a homegrown implementation is used. + Although not as secure and robust as File::Temp, it's better than + nothing and should provide a decent deterrent. + + * Setuid/setgid execution causes mhonarc to terminate with an error. + Mhonarc does not pass taint checks, so we abort with an error that + setuid/setgid execution is not supported. 
MHonArc is too insecure + for setuid operation and trying to make it setuid-safe would require + alot of work and potentially limit a large amount of functionality. ============================================================================ Index: FILELIST =================================================================== RCS file: /cvsroot/mhonarc/mhonarc/MHonArc/FILELIST,v retrieving revision 1.11 retrieving revision 1.12 diff -C2 -r1.11 -r1.12 *** FILELIST 15 May 2002 07:17:40 -0000 1.11 --- FILELIST 20 Nov 2002 23:53:07 -0000 1.12 *************** *** 1,6 **** name:MHonArc dep:Getopt::Long - dep:Time::Local dep:Symbol bin:mhonarc bin:mha-dbedit --- 1,8 ---- name:MHonArc + dep:Fcntl + dep:File::Basename dep:Getopt::Long dep:Symbol + dep:Time::Local bin:mhonarc bin:mha-dbedit
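Review bot: the DBFILEPERMS and FILEPERMS lines in the first CHANGES hunk (21,28) give no default value and do not say whether the value is subject to the process umask; the entry should state both, so a user reading CHANGES knows what mode an archive file and the DBFILE get when the resources are left unset.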
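Review bot: the archive-file-creation entry in the second CHANGES hunk (75,101) should say how the temp file is opened, not only that its name is random: the random name is a deterrent only if creation uses O_CREAT|O_EXCL, so that a symlink already sitting at that name makes the open fail rather than be followed (Fcntl is added to FILELIST in this same commit, so presumably the homegrown fallback does this; say so). It should also state that the temp file is created in the same directory as the final file, since the rename step is only atomic within one filesystem. Two typos in the added text: "trying to using well-known names" should read "trying to use well-known names", and "alot" should be "a lot".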
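Review bot: the FILELIST hunk (1,8) adds Fcntl and File::Basename but not File::Temp, which CHANGES describes as the preferred, more robust source of temp files; if FILELIST has a way to record an optional dependency, it should be listed, so packagers ship it and the homegrown fallback is not the common case. Moving dep:Time::Local below dep:Symbol only re-sorts the list and has no functional effect.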