From a33962bafa2a1e3d54e4ca1e2e8f3161d6cdf6b0 Mon Sep 17 00:00:00 2001
From: ian
Date: Tue, 9 Nov 1999 23:04:32 +0000
Subject: [PATCH] Rationalised.

---
 www-cgi/.cvsignore | 2 +
 www-cgi/INSTALL | 46 ++++++++++++++++++++
 www-cgi/Makefile | 18 +++-----
 www-cgi/srm.conf.fragment | 1 -
 www-cgi/ucgi.c | 19 ++++++++
 www-cgi/ucgi.h | 20 ++++++++-
 www-cgi/ucgicommon.c | 20 ++++++++-
 www-cgi/ucgitarget.c | 19 ++++++++
 www-cgi/user-cgi.text | 58 ++++++++++++++-----------
 www-cgi/user-local-lib-user-cgi-find-ls | 6 ---
 10 files changed, 162 insertions(+), 47 deletions(-)
 create mode 100644 www-cgi/.cvsignore
 create mode 100644 www-cgi/INSTALL
 delete mode 100644 www-cgi/user-local-lib-user-cgi-find-ls

diff --git a/www-cgi/.cvsignore b/www-cgi/.cvsignore
new file mode 100644
index 0000000..79f731a
--- /dev/null
+++ b/www-cgi/.cvsignore
@@ -0,0 +1,2 @@
+ucgi
+ucgitarget
diff --git a/www-cgi/INSTALL b/www-cgi/INSTALL
new file mode 100644
index 0000000..5169872
--- /dev/null
+++ b/www-cgi/INSTALL
@@ -0,0 +1,46 @@
+To install the www-cgi service:
+
+1. Run make to build ucgi and ucgitarget.
+
+2. Create the directory /usr/local/lib/user-cgi/cgi
+
+3. Install the programs:
+(a) ucgitarget as /usr/local/lib/user-cgi/target
+(b) ucgi as /usr/local/lib/user-cgi/ucgi
+(c) a symlink /usr/local/lib/user-cgi/ucgi-debug -> ucgi
+(d) the script `check' as /usr/local/lib/user-cgi/check
+
+4. Put the extra ScriptAlias directives in srm.conf.fragment in the
+appropriate part of your webserver configuration.
+
+5. Install the userv service:
+(a) Put the file www-cgi in /etc/userv/services.d (you may need to
+ adjust it for your local configuration)
+(b) If you don't already have it, add this line to /etc/userv/system.default:
+ include-lookup service /etc/userv/services.d
+
+6. As a test user, create a `public-cgi' directory, and a symlink in
+it called `check' which points to /usr/local/lib/user-cgi/check.
+
+7. Test that all is working by visiting
+ http://www.example.com/ucgi-debug/~fred/check
+ http://www.example.com/ucgi/~fred/check
+
+
+Copyright (C) 1999 Ian Jackson
+
+This is free software; you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with userv-utils; if not, write to the Free Software
+Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+
+$Id$
diff --git a/www-cgi/Makefile b/www-cgi/Makefile
index c2bfd7a..10ba3ee 100644
--- a/www-cgi/Makefile
+++ b/www-cgi/Makefile
@@ -1,22 +1,14 @@ CFLAGS= -Wall -Wwrite-strings -Wmissing-prototypes -Wstrict-prototypes \ - -Wpointer-arith -O2 -g -DREALLY_CHECK_FILE='"/etc/inittab"' + -Wpointer-arith -O2 -g LDFLAGS= -TARGETS=really ucgi ucgitarget +TARGETS= ucgi ucgitarget all: $(TARGETS) -ucgi: ucgi.o ucgicommon.o +OBJS= ucgi.o ucgitarget.o ucgicommon.o +ucgi: ucgi.o ucgicommon.o ucgitarget: ucgitarget.o ucgicommon.o -really: really.o myopt.o - -really-test: really Makefile - rm -f really-test - cp really really-test - really chown root.staff really-test - really chmod 4770 really-test - -really-check: really-test really.testcases - ./really.testcases +$(OBJS): ucgi.h diff --git a/www-cgi/srm.conf.fragment b/www-cgi/srm.conf.fragment index eac2f83..d6570fb 100644 --- a/www-cgi/srm.conf.fragment +++ b/www-cgi/srm.conf.fragment @@ -1,3 +1,2 @@ ScriptAlias /ucgi/ /usr/local/lib/user-cgi/cgi/ucgi/ ScriptAlias /ucgi-debug/ /usr/local/lib/user-cgi/cgi/ucgi-debug/ -ScriptAlias /ucgicgi/ /usr/local/lib/user-cgi/cgi/ diff --git a/www-cgi/ucgi.c b/www-cgi/ucgi.c index 8edccc3..0e11624 100644 --- a/www-cgi/ucgi.c +++ b/www-cgi/ucgi.c @@ -1,6 +1,25 @@ /* * Usage: as CGI script */ +/* + * Copyright (C) 1998-1999 Ian Jackson + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with userv-utils; if not, write to the Free Software + * Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + * $Id$ + */ #include #include 
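Review bot: The rewritten rules leave no way to remove build products: there is no `clean` target, and the `.cvsignore` added in this commit lists only `ucgi` and `ucgitarget`, so the `.o` files named in `OBJS` are neither cleaned nor ignored; suggest adding `clean:` with `rm -f $(TARGETS) $(OBJS)` and a `*.o` line to `.cvsignore`. Dropping `-DREALLY_CHECK_FILE='"/etc/inittab"'` from CFLAGS together with the `really` targets is only safe if ucgi.c, ucgicommon.c and ucgitarget.c no longer reference that macro; those sources are not in this hunk, so that should be confirmed before merging. `OBJS` is introduced after the `all:` rule; placing it next to `TARGETS` would keep the variable definitions together and make the `$(OBJS): ucgi.h` dependency easier to read.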
diff --git a/www-cgi/ucgi.h b/www-cgi/ucgi.h index f361ce8..f8dc674 100644 --- a/www-cgi/ucgi.h +++ b/www-cgi/ucgi.h @@ -1,4 +1,22 @@ -/**/ +/* + * Copyright (C) 1998-1999 Ian Jackson + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with userv-utils; if not, write to the Free Software + * Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + * $Id$ + */ #ifndef UCGI_H #define UCGI_H diff --git a/www-cgi/ucgicommon.c b/www-cgi/ucgicommon.c index 7feeeb6..924ad0e 100644 --- a/www-cgi/ucgicommon.c +++ b/www-cgi/ucgicommon.c @@ -1,4 +1,22 @@ -/**/ +/* + * Copyright (C) 1998-1999 Ian Jackson + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with userv-utils; if not, write to the Free Software + * Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + * $Id$ + */ #include #include diff --git a/www-cgi/ucgitarget.c b/www-cgi/ucgitarget.c index 795d804..ebec06b 100644 
--- a/www-cgi/ucgitarget.c +++ b/www-cgi/ucgitarget.c @@ -2,6 +2,25 @@ * Usage: as CGI script, but called by userv * environment variables are USERV_U_E_... */ +/* + * Copyright (C) 1998-1999 Ian Jackson + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with userv-utils; if not, write to the Free Software + * Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + * $Id$ + */ #include #include diff --git a/www-cgi/user-cgi.text b/www-cgi/user-cgi.text index 88676ea..2ab72c0 100644 --- a/www-cgi/user-cgi.text +++ b/www-cgi/user-cgi.text 
@@ -1,23 +1,17 @@ -Users can now arrange to have CGI scripts run by chiark's webserver. -This is achieved using userv (see /info/new 183, /usr/doc/userv and +Users can arrange to have CGI scripts run by the webserver. +This is achieved using userv (see ). Before you write such scripts you should be aware of the security -issues involved. Please read /info/cgi-security.text ! +issues involved. -Note that public-cgi programs (and their source code) should be world -readable, and in any case by creating them you give me implicit -permission to read its contents, using my system privilege if -necessary, without notifying you. See cgi-security.text for full -details of the policy. - -Paths in chiark's http space of the form +Paths in the http space of the form /ucgi/~//... will be taken to refer to the CGI script ~/public-cgi/ and / will be used as the PATH_INFO (as is conventional). For example, - http://www.chiark.greenend.org.uk/ucgi/~ijackson/spong/foo?bar=baz + http://www.example.com/ucgi/~ijackson/spong/foo?bar=baz will run ~ijackson/public-cgi/spong with PATH_INFO set to `/foo' and QUERY_STRING set to `bar=baz'. @@ -27,12 +21,9 @@ which will return a text/plain document consisting of the standard output and standard error of your script and a line at the bottom with the high and low bytes of the script's exit status. -Also both of - http://www.chiark.greenend.org.uk/ucgicgi/check - http://www.chiark.greenend.org.uk/ucgi/~ijackson/check -are scripts which will dump their arguments and environment as a -text/plain output file. This can be used to see what input your CGI -program ought to expect. +Also, /usr/local/lib/user-cgi/cgi/check is a script which will dump +its arguments and environment as a text/plain output file. This can +be used to see what input your CGI program ought to expect. The default configuration does not enable userv's `set-environment' feature, so the environment your scripts in will be rather minimal. 
@@ -50,10 +41,9 @@ and other similar variables will be set correctly (see below) and can and should be trusted. However, their arguments, input and webserver-provided environment -variables (the full list is in /usr/local/src/davenant/ucgicommon.c) -will have come from the client WWW browser and are highly -untrustworthy. This means you must be very careful when writing such -programs. Beware particularly of +variables (the full list is in ucgicommon.c) will have come from the +client WWW browser and are highly untrustworthy. This means you must +be very careful when writing such programs. Beware particularly of * buffer overruns in C * trusting data not to have metacharacters. You should generally not pass client-provided data to @@ -65,7 +55,8 @@ programs. Beware particularly of Safely using untrusted client-provided data in shell scripts is very difficult. I would recommend against programming CGI scripts in shell. If you must, make sure you use appropriate quoting and -argument unparsing everywhere. +argument unparsing everywhere (and don't do it if you don't know what +I mean by argument unparsing). The invocation of user-provided CGI scripts is achieved by using userv to invoke the `www-cgi' service. The webserver-provided environment 
@@ -90,7 +81,24 @@ You can run your own scripts from the command line by saying CGI programs' path components may not be empty, may not start with a full stop `.', and may not end with a hash `#' or tilde `~'. -Please report problems to webmaster@chiark or sysadmin@chiark. -Comments on userv should go to userv-maint@chiark.greenend.org.uk. +It is important that the webserver removes /../ components from the +PATH_INFO - if it doesn't there is a security hole. + + +Copyright (C) 1998-1999 Ian Jackson + +This is free software; you can redistribute it and/or modify it +under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with userv-utils; if not, write to the Free Software +Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - - Ian Jackson 14.07.1998 +$Id$ diff --git a/www-cgi/user-local-lib-user-cgi-find-ls b/www-cgi/user-local-lib-user-cgi-find-ls deleted file mode 100644 index bc4a99b..0000000 --- a/www-cgi/user-local-lib-user-cgi-find-ls +++ /dev/null 
@@ -1,6 +0,0 @@
-129078 1 drwxrwsr-x 3 root staff 1024 Sep 22 1997 /usr/local/lib/user-cgi
-129079 1 lrwxrwxrwx 1 root root 34 Jan 25 1998 /usr/local/lib/user-cgi/target -> /usr/local/src/davenant/ucgitarget
-239707 1 drwxrwsr-x 2 ian staff 1024 Sep 22 1997 /usr/local/lib/user-cgi/cgi
-239708 1 lrwxrwxrwx 1 root root 28 Jan 25 1998 /usr/local/lib/user-cgi/cgi/ucgi -> /usr/local/src/davenant/ucgi
-239709 1 lrwxrwxrwx 1 root root 4 Jan 25 1998 /usr/local/lib/user-cgi/cgi/ucgi-debug -> ucgi
-239710 1 -rwxrwxr-x 1 ian staff 95 Sep 22 1997 /usr/local/lib/user-cgi/cgi/check
-- 
2.30.2