LYNX-DEV securing Lynx for boxed-in environments.

lynx-dev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

LYNX-DEV securing Lynx for boxed-in environments.

From:	William Yang
Subject:	LYNX-DEV securing Lynx for boxed-in environments.
Date:	Sat, 13 Sep 97 13:52:57 EDT

Hi. 

I operate a fairly sizable Free-Net (20,000+ users), and am working
with patches from early August 1997 to Lynx 2.7.1.

I've been working in the Lynx code a bit, and have a couple of
thoughts about making the code base more friendly to sites that want
to customize Lynx to their specific purposes.  For instance, I want to
use LynxExec links at my site... but I think that the current
mechanism is too open for my environment (but is certainly okay in
most environments).

So, I figure I should just go into the code, and replace all exec
family calls, all system calls, and all calls to popen with my
modified versions that restrict what execution paths are permitted --
I can box a user in to code I'm moderately certain is secure, by
providing one directory that they're allowed to call programs from,
which has rigorously tested code).

But, if I do this, it's actually going to get fairly involved to keep
up with patches and updates (which, I've noticed, do happen
frequently).

So... I'm curious as to how interested the collective Lynx developers
would be, in making sure that the necessary hooks for this kind of
add-on functionality get integrated into the code (I'll do the work,
but want to be sure it's going to get utilized)?  Namely, create
something like LYrunotherprogs.h and LYrunotherprogs.c to centralize
all the calls that execute/fork/spawn other programs.  The functions
would be dummy functions, which just call the original (by default,
wrapped_popen would just invoke popen, for instance).

This will allow easier maintenance of add-on functions in unusual
environments, without making too much of a mess of the code base.

While I've written a good path-checking function, I haven't integrated
it into Lynx yet, because I'd really like to keep this easy to
maintain....

Is there interest in this kind of thing, or am I on my own here?

        -Bill
-- 
William D Yang                          The Greater Columbus Free-Net
address@hidden          System Administration & Operation

;
; To UNSUBSCRIBE:  Send a mail message to address@hidden
;                  with "unsubscribe lynx-dev" (without the
;                  quotation marks) on a line by itself.
;

[Prev in Thread]

Current Thread

[Next in Thread]

LYNX-DEV securing Lynx for boxed-in environments., William Yang <=
- Re: LYNX-DEV securing Lynx for boxed-in environments., T.E.Dickey, 1997/09/13
- Re: LYNX-DEV securing Lynx for boxed-in environments., Klaus Weide, 1997/09/13
  - Re: LYNX-DEV securing Lynx for boxed-in environments., William Yang, 1997/09/14
    - Re: LYNX-DEV securing Lynx for boxed-in environments., Benjamin C. W. Sittler, 1997/09/14
    - Re: LYNX-DEV securing Lynx for boxed-in environments., William Yang, 1997/09/15
- Re: LYNX-DEV securing Lynx for boxed-in environments., Foteos Macrides, 1997/09/15
- Re: LYNX-DEV securing Lynx for boxed-in environments., William Yang, 1997/09/15
- Re: LYNX-DEV securing Lynx for boxed-in environments., Foteos Macrides, 1997/09/15

Prev by Date: Re: LYNX-DEV dired "../"
Next by Date: Re: LYNX-DEV Problems with link highlighting on bizarre terminals
Previous by thread: LYNX-DEV Using PC version of LYNX as Standalone
Next by thread: Re: LYNX-DEV securing Lynx for boxed-in environments.
Index(es):
- Date
- Thread