On 22/07/2011 03:41, Justin B Rye wrote:
> [...]
> I like it, but as usual I'm mangling almost every line.
>  * I'm not keen on "a UNIX bash-like shell" (as opposed to a Windows
>    bash-like shell?);

Thanks for bringing this up. I think POSIX-compliant shell would be more
accurate, as it works with /bin/sh, and does not rely on any bashisms.

>  * "All text [...] are passed" should be "is";

I'm pretty sure it's "All text ... are", since "All text within blah constructs"
is plural. I'm reverting that change.

>  * the reference to being "installed to" work in a particular way is a
>    rather un-Debian way of putting it.
>  * and I'd rephrase a couple of bits just to make the word order more
>    natural or to reduce repetition (e.g. of "small" and "CGI").

Ack.

>
> How about:
>
> Description: CGI scripting program for embedded environments
>  Haserl is a CGI wrapper that allows PHP-style programming in Lua or a
>  Bash-like shell. It is very small, so it can be used in embedded
>  environments, or where something like PHP is too big.
>  .
>  It combines three features into a small CGI engine:
>   * It parses POST and GET requests, placing form-elements into the
>     environment as name=value pairs for the CGI script to use. This is
>     somewhat like the uncgi wrapper.
>   * It opens a shell, and translates all text into printable statements.
>     All text within <% ... %> constructs is passed verbatim to the shell.
>     This is somewhat similar to how PHP scripts are parsed.
>   * It can be set up to drop its permissions to the owner of the script,
>     giving it some of the security features of suexec or cgiwrapper.
>
> Obligatory Why-The-Name Appendix: Haserl is just a German dialect word
> for "bunny", which seems fairly random...

Actually, as ripped from the NAME section of the manpage:

> The name "haserl" comes from the Bavarian word for "bunny." At first glance
> it may be small and cute, but haserl is more like the bunny from Monty Python
> & The Holy Grail. In the words of Tim the Wizard, That's the most foul, cruel
> & bad-tempered rodent you ever set eyes on!
>
> Haserl can be thought of the cgi equivalent to netcat. Both are small,
> powerful, and have very little in the way of extra features. Like netcat,
> haserl attempts to do its job with the least amount of extra "fluff".

-- 
Kind regards,
Loong Jin

diff -u old/control new/control --- old/control 2011-07-28 02:28:54.461523957 +0800 +++ new/control 2011-07-28 02:29:10.124965009 +0800 
@@ -17,17 +17,16 @@ Depends: ${shlibs:Depends}, ${misc:Depends} Recommends: lua5.1 Description: CGI scripting program for embedded environments - Haserl is a small cgi wrapper that allows "PHP" style cgi programming, but uses - a UNIX bash-like shell or Lua as the programming language. It is very small, so - it can be used in embedded environments, or where something like PHP is too - big. + Haserl is a CGI wrapper that allows PHP-style programming in Lua or a + POSIX-compliant shell. It is very small, so it can be used in embedded + environments, or where something like PHP is too big. . - It combines three features into a small cgi engine: - * It parses POST and GET requests, placing form-elements as name=value - pairs into the environment for the CGI script to use. This is somewhat like - the uncgi wrapper. - * It opens a shell, and translates all text into printable statements. All - text within <% ... %> constructs are passed verbatim to the shell. This is - somewhat similar to how PHP scripts are parsed. - * It can optionally be installed to drop its permissions to the owner of the - script, giving it some of the security features of suexec or cgiwrapper. + It combines three features into a small CGI engine: + * It parses POST and GET requests, placing form-elements into the + environment as name=value pairs for the CGI script to use. This is + somewhat similar to the uncgi wrapper. + * It opens a shell, and translates all text into printable statements. + All text within <% ... %> constructs are passed verbatim to the shell. + This is somewhat similar to how PHP scripts are parsed. + * It can be set up to drop its permissions to the owner of the script, + giving it some of the security features of suexec or cgiwrapper. diff -u old/haserl.templates new/haserl.templates --- old/haserl.templates 2011-07-28 02:28:57.948214607 +0800 +++ new/haserl.templates 2011-07-28 02:29:10.124965009 +0800 
@@ -3,7 +3,7 @@ Default: false _Description: Install haserl binary with suid root permissions? When haserl is installed with suid root permissions, it will automatically set - its UID and GID to that of the owner and group of the script. + its UID and GID to match the owner and group of the script. . - WARNING: This is a potential security vulnerability, as scripts that are owned + This is a potential security vulnerability, as scripts that are owned by root will be run as root, even when they do not have the suid root bit.
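Review bot: In the control hunk, the last added bullet ("It can be set up to drop its permissions to the owner of the script") presents this purely as a security feature, while the haserl.templates text in the same patch says that root-owned scripts are then run as root. Consider naming the mechanism so the two texts agree, for example "When installed suid root, it switches to the UID and GID of the script's owner". Separately, in the second bullet "All text within <% ... %> constructs are passed" the subject is "text", so "is passed" would agree with it.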
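Review bot: In the haserl.templates hunk, dropping "WARNING:" leaves "This is a potential security vulnerability" as the only signal to the admin, and "potential" understates what the rest of the sentence says will happen. Suggest leading with the consequence, for example "Any script owned by root will then be run as root, even if the script itself is not suid root", so the paragraph carries the weight the removed prefix used to.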

Source: haserl
Section: interpreters
Priority: optional
Maintainer: Chow Loong Jin <hyperair@ubuntu.com>
Build-Depends: debhelper (>= 7.0.50~), po-debconf, autotools-dev, liblua5.1-0-dev, pkg-config
Standards-Version: 3.9.1
Homepage: http://haserl.sourceforge.net/
Vcs-Git: git://git.debian.org/collab-maint/haserl.git
Vcs-Browser: http://git.debian.org/?p=collab-maint/haserl.git;a=summary

Package: haserl
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}
Recommends: lua5.1
Description: CGI scripting program for embedded environments
 Haserl is a CGI wrapper that allows PHP-style programming in Lua or a
 POSIX-compliant shell. It is very small, so it can be used in embedded
 environments, or where something like PHP is too big.
 .
 It combines three features into a small CGI engine:
  * It parses POST and GET requests, placing form-elements into the
    environment as name=value pairs for the CGI script to use. This is
    somewhat similar to the uncgi wrapper.
  * It opens a shell, and translates all text into printable statements.
    All text within <% ... %> constructs are passed verbatim to the shell.
    This is somewhat similar to how PHP scripts are parsed.
  * It can be set up to drop its permissions to the owner of the script,
    giving it some of the security features of suexec or cgiwrapper.

Template: haserl/setuid
Type: boolean
Default: false
_Description: Install haserl binary with suid root permissions?
 When haserl is installed with suid root permissions, it will automatically set
 its UID and GID to match the owner and group of the script.
 .
 This is a potential security vulnerability, as scripts that are owned
 by root will be run as root, even when they do not have the suid root bit.
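
A defender-side check for the condition the haserl/setuid template describes, as an added example that is not part of the original mail or of the haserl package: it reports whether a given haserl binary is suid root and, if so, lists root-owned scripts with a haserl shebang under a CGI directory. The function names and the paths in the usage comment are assumptions.

```sh
#!/bin/sh
# Added example: audit for the condition the haserl/setuid template warns about.
# Hypothetical usage (both paths are assumptions, adjust to the system):
#   sh haserl-audit.sh /usr/bin/haserl /usr/lib/cgi-bin

# True if file $1 has the setuid bit and is owned by uid $2 (default 0 = root).
is_suid_owned_by() {
    [ -n "$(find "$1" -prune -type f -user "${2:-0}" -perm -4000 2>/dev/null)" ]
}

# Print each regular file under directory $1 that is owned by uid $2
# (default 0) and whose first line is a haserl shebang.
haserl_scripts_owned_by() {
    find "$1" -type f -user "${2:-0}" 2>/dev/null | while IFS= read -r f; do
        first=                                  # reset so a failed read leaves it empty
        IFS= read -r first < "$f" || true       # first line only; tolerate empty files
        case $first in
            '#!'*haserl*) printf '%s\n' "$f" ;;
        esac
    done
}

# Return 1 and list the scripts if binary $1 is suid and owned by uid $3
# (default 0) and directory $2 holds haserl scripts owned by that uid.
audit_haserl() {
    if ! is_suid_owned_by "$1" "${3:-0}"; then
        echo "ok: $1 is not suid for uid ${3:-0}"
        return 0
    fi
    hits=$(haserl_scripts_owned_by "$2" "${3:-0}")
    if [ -z "$hits" ]; then
        echo "ok: no haserl scripts owned by uid ${3:-0} under $2"
        return 0
    fi
    printf 'haserl scripts that will run as uid %s:\n%s\n' "${3:-0}" "$hits"
    return 1
}

# Run the audit only when a binary path and a directory are given.
if [ "$#" -ge 2 ]; then audit_haserl "$@"; fi
```

The optional third argument lets the same check be exercised against a non-root uid on a test tree; in production use it is left at its default of 0.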