Re: lynx-dev lynx2.8.4dev.19

lynx-dev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: lynx-dev lynx2.8.4dev.19

From:	Rob Cameron
Subject:	Re: lynx-dev lynx2.8.4dev.19
Date:	Mon, 26 Feb 2001 22:28:46 -0800 (PST)

I think there is still one remaining problem in the restrictions
table of LYUtils.c: the boolean values of some "can" fields need
to be negated.  A value of TRUE for this field for a particular
restriction would mean that the restriction is set to false by the
line 
                *(restrictions[i].flag) = !restrictions[i].can;
when the "default" or anonymous restrictions are set.  But in each
case where TRUE is used here, the restriction should be in
place under -anonymous, according to the documentation and
earlier behaviour.

I have applied the patch below and seem to get the correct
response from
lynx -anonymous '-restrictions=?'
after I build.  I am quite new to the Lynx code base, so I may
not have this right.  But if people are relying on strong security
under -anonymous, I just want to be on the safe side.

Rob
------------------------------------------------------------------
diff -ur lynx2-8-4/src/LYUtils.c lynx2-8-4.devel/src/LYUtils.c
--- lynx2-8-4/src/LYUtils.c     Mon Feb 26 18:41:57 2001
+++ lynx2-8-4.devel/src/LYUtils.c       Mon Feb 26 21:53:08 2001
@@ -4051,43 +4051,43 @@
     { "outside_ftp",   &no_outside_ftp,        
CAN_ANONYMOUS_OUTSIDE_DOMAIN_FTP },
     { "inside_rlogin", &no_inside_rlogin,      
CAN_ANONYMOUS_INSIDE_DOMAIN_RLOGIN },
     { "outside_rlogin",        &no_outside_rlogin,     
CAN_ANONYMOUS_OUTSIDE_DOMAIN_RLOGIN },
-    { "suspend",       &no_suspend,            TRUE },
-    { "editor",                &no_editor,             TRUE },
-    { "shell",         &no_shell,              TRUE },
-    { "bookmark",      &no_bookmark,           TRUE },
-    { "multibook",     &no_multibook,          TRUE },
-    { "bookmark_exec", &no_bookmark_exec,      TRUE },
-    { "option_save",   &no_option_save,        TRUE },
+    { "suspend",       &no_suspend,            FALSE },
+    { "editor",                &no_editor,             FALSE },
+    { "shell",         &no_shell,              FALSE },
+    { "bookmark",      &no_bookmark,           FALSE },
+    { "multibook",     &no_multibook,          FALSE },
+    { "bookmark_exec", &no_bookmark_exec,      FALSE },
+    { "option_save",   &no_option_save,        FALSE },
     { "print",         &no_print,              CAN_ANONYMOUS_PRINT },
-    { "download",      &no_download,           TRUE },
-    { "disk_save",     &no_disk_save,          TRUE },
+    { "download",      &no_download,           FALSE },
+    { "disk_save",     &no_disk_save,          FALSE },
 #if defined(EXEC_LINKS) || defined(EXEC_SCRIPTS)
-    { "exec",          &no_exec,               
LOCAL_EXECUTION_LINKS_ALWAYS_OFF_FOR_ANONYMOUS },
+    { "exec",          &no_exec,               
!LOCAL_EXECUTION_LINKS_ALWAYS_OFF_FOR_ANONYMOUS },
 #endif
-    { "lynxcgi",       &no_lynxcgi,            TRUE },
-    { "exec_frozen",   &exec_frozen,           TRUE },
+    { "lynxcgi",       &no_lynxcgi,            FALSE },
+    { "exec_frozen",   &exec_frozen,           FALSE },
     { "goto",          &no_goto,               CAN_ANONYMOUS_GOTO },
     { "jump",          &no_jump,               CAN_ANONYMOUS_JUMP },
-    { "file_url",      &no_file_url,           TRUE },
+    { "file_url",      &no_file_url,           FALSE },
 #ifndef DISABLE_NEWS
-    { "news_post",     &no_newspost,           TRUE },
+    { "news_post",     &no_newspost,           FALSE },
     { "inside_news",   &no_inside_news,        
CAN_ANONYMOUS_INSIDE_DOMAIN_READ_NEWS },
     { "outside_news",  &no_outside_news,       
CAN_ANONYMOUS_OUTSIDE_DOMAIN_READ_NEWS },
 #endif
     { "mail",          &no_mail,               CAN_ANONYMOUS_MAIL },
-    { "dotfiles",      &no_dotfiles,           TRUE },
-    { "useragent",     &no_useragent,          TRUE },
+    { "dotfiles",      &no_dotfiles,           FALSE },
+    { "useragent",     &no_useragent,          FALSE },
 #ifdef SUPPORT_CHDIR
-    { "chdir",         &no_chdir,              TRUE },
+    { "chdir",         &no_chdir,              FALSE },
 #endif
 #ifdef DIRED_SUPPORT
-    { "dired_support", &no_dired_support,      TRUE },
+    { "dired_support", &no_dired_support,      FALSE },
 #ifdef OK_PERMIT
-    { "change_exec_perms", &no_change_exec_perms, TRUE },
+    { "change_exec_perms", &no_change_exec_perms, FALSE },
 #endif /* OK_PERMIT */
 #endif /* DIRED_SUPPORT */
 #ifdef USE_EXTERNALS
-    { "externals",     &no_externals,          TRUE },
+    { "externals",     &no_externals,          FALSE },
 #endif
     { "lynxcfg_info",  &no_lynxcfg_info,       CAN_ANONYMOUS_VIEW_LYNXCFG_INFO 
},
 #ifndef NO_CONFIG_INFO
diff -ur lynx2-8-4/userdefs.h lynx2-8-4.devel/userdefs.h
--- lynx2-8-4/userdefs.h        Thu Feb  8 18:50:00 2001
+++ lynx2-8-4.devel/userdefs.h  Mon Feb 26 21:55:51 2001
@@ -1084,7 +1084,7 @@
 
 #define LOCAL_EXECUTION_LINKS_ALWAYS_ON          FALSE
 #define LOCAL_EXECUTION_LINKS_ON_BUT_NOT_REMOTE  FALSE
-#define LOCAL_EXECUTION_LINKS_ALWAYS_OFF_FOR_ANONYMOUS FALSE
+#define LOCAL_EXECUTION_LINKS_ALWAYS_OFF_FOR_ANONYMOUS TRUE
 
 #endif /*  defined(EXEC_LINKS) || defined(EXEC_SCRIPTS) */
 

; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to address@hidden

[Prev in Thread]

Current Thread

[Next in Thread]

lynx-dev lynx2.8.4dev.19, Thomas Dickey, 2001/02/26
- Re: lynx-dev lynx2.8.4dev.19, Rob Cameron <=
  - Re: lynx-dev lynx2.8.4dev.19, Thomas Dickey, 2001/02/27
- Re: lynx-dev lynx2.8.4dev.19, Philip Webb, 2001/02/28
  - Re: lynx-dev lynx2.8.4dev.19 -- ADDENDVM, Philip Webb, 2001/02/28

Prev by Date: lynx-dev lynx2.8.4dev.19
Next by Date: Re: lynx-dev lynx2.8.4dev.19
Previous by thread: lynx-dev lynx2.8.4dev.19
Next by thread: Re: lynx-dev lynx2.8.4dev.19
Index(es):
- Date
- Thread