[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [RFR] templates://haserl/{haserl.templates}



On 28/07/2011 03:24, Justin B Rye wrote:
> No, seriously, it's singular.
> 
> "Text" in this sense *has* no plural - it's a "non-count noun" (like
> "water" or "advice" or "software") that means "some arbitrary quantity
> of non-binary data" (oh, "data" - that's another one, at least in
> post-1950s English).  There's also a count-noun sense of "text"
> meaning "a complete body of written material" (as in "several literary
> texts"), but that's not what's meant here.  If it was, for a start it
> would say "all texts", not "all text".

Hmm, that sounds right. I'm convinced.

-- 
Kind regards,
Loong Jin
Source: haserl
Section: interpreters
Priority: optional
Maintainer: Chow Loong Jin <hyperair@ubuntu.com>
Build-Depends: debhelper (>= 7.0.50~),
               po-debconf,
               autotools-dev,
               liblua5.1-0-dev,
               pkg-config
Standards-Version: 3.9.1
Homepage: http://haserl.sourceforge.net/
Vcs-Git: git://git.debian.org/collab-maint/haserl.git
Vcs-Browser: http://git.debian.org/?p=collab-maint/haserl.git;a=summary

Package: haserl
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}
Recommends: lua5.1
Description: CGI scripting program for embedded environments
 Haserl is a CGI wrapper that allows PHP-style programming in Lua or a
 POSIX-compliant shell. It is very small, so it can be used in embedded
 environments, or where something like PHP is too big.
 .
 It combines three features into a small CGI engine:
  * It parses POST and GET requests, placing form-elements into the
    environment as name=value pairs for the CGI script to use. This is
    somewhat similar to the uncgi wrapper.
  * It opens a shell, and translates all text into printable statements.
    All text within <% ... %> constructs is passed verbatim to the shell.
    This is somewhat similar to how PHP scripts are parsed.
  * It can be set up to drop its permissions to the owner of the script,
    giving it some of the security features of suexec or cgiwrapper.
Template: haserl/setuid
Type: boolean
Default: false
_Description: Install haserl binary with suid root permissions?
 When haserl is installed with suid root permissions, it will automatically set
 its UID and GID to match the owner and group of the script.
 .
 This is a potential security vulnerability, as scripts that are owned
 by root will be run as root, even when they do not have the suid root bit.
diff -u old/control new/control
--- old/control	2011-07-28 02:28:54.461523957 +0800
+++ new/control	2011-07-28 06:47:23.784709136 +0800
@@ -17,17 +17,16 @@
 Depends: ${shlibs:Depends}, ${misc:Depends}
 Recommends: lua5.1
 Description: CGI scripting program for embedded environments
- Haserl is a small cgi wrapper that allows "PHP" style cgi programming, but uses
- a UNIX bash-like shell or Lua as the programming language. It is very small, so
- it can be used in embedded environments, or where something like PHP is too
- big.
+ Haserl is a CGI wrapper that allows PHP-style programming in Lua or a
+ POSIX-compliant shell. It is very small, so it can be used in embedded
+ environments, or where something like PHP is too big.
  .
- It combines three features into a small cgi engine:
-  * It parses POST and GET requests, placing form-elements as name=value
-    pairs into the environment for the CGI script to use.  This is somewhat like
-    the uncgi wrapper.
-  * It opens a shell, and translates all text into printable statements. All
-    text within <% ... %> constructs are passed verbatim to the shell. This is
-    somewhat similar to how PHP scripts are parsed.
-  * It can optionally be installed to drop its permissions to the owner of the
-    script, giving it some of the security features of suexec or cgiwrapper.
+ It combines three features into a small CGI engine:
+  * It parses POST and GET requests, placing form-elements into the
+    environment as name=value pairs for the CGI script to use. This is
+    somewhat similar to the uncgi wrapper.
+  * It opens a shell, and translates all text into printable statements.
+    All text within <% ... %> constructs is passed verbatim to the shell.
+    This is somewhat similar to how PHP scripts are parsed.
+  * It can be set up to drop its permissions to the owner of the script,
+    giving it some of the security features of suexec or cgiwrapper.
diff -u old/haserl.templates new/haserl.templates
--- old/haserl.templates	2011-07-28 02:28:57.948214607 +0800
+++ new/haserl.templates	2011-07-28 02:29:10.124965009 +0800
@@ -3,7 +3,7 @@
 Default: false
 _Description: Install haserl binary with suid root permissions?
  When haserl is installed with suid root permissions, it will automatically set
- its UID and GID to that of the owner and group of the script.
+ its UID and GID to match the owner and group of the script.
  .
- WARNING: This is a potential security vulnerability, as scripts that are owned
+ This is a potential security vulnerability, as scripts that are owned
  by root will be run as root, even when they do not have the suid root bit.

Attachment: signature.asc
Description: OpenPGP digital signature


Reply to: