squirrelmail/squirrelmail.patch.plugins@0ba300bdf30a (annotated)
squirrelmail/squirrelmail.patch.plugins
Mon, 20 Apr 2009 19:22:00 +0200
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Mon, 20 Apr 2009 19:22:00 +0200
- changeset 178
- 0ba300bdf30a
- parent 159
- 5524672ebbe7
- permissions
- -rw-r--r--
Change unfortunate but partly useful overreaching security tradeoff.
The principle of allocating each running process an individual system
user and group can have security benefits, however maintining a plethora
of users, groups, processes, file modes, file permissions, and even
nonportable file ACLs on a host serving from a hundred processes has
some security disadvantages. This tradeoff is even worse for systems
like OpenPKG which benefit from administration transparency through the
use of minimal system intrusion and only three usage privilege levels.
| michael@157 | 1 | Index: etc/squirrelmail/config.php |
| michael@157 | 2 | diff -Nau etc/squirrelmail/config.php.orig etc/squirrelmail/config.php |
| michael@157 | 3 | --- etc/squirrelmail/config.php.orig 2005-03-16 13:02:25 +0100 |
| michael@157 | 4 | +++ etc/squirrelmail/config.php 2005-03-16 12:31:51 +0100 |
| michael@164 | 5 | @@ -90,6 +90,23 @@ |
| michael@164 | 6 | $plugins[15] = 'squirrelspell'; |
| michael@164 | 7 | $plugins[16] = 'translate'; |
| michael@157 | 8 | |
| michael@164 | 9 | +$plugins[17] = 'addgraphics'; |
| michael@164 | 10 | +$plugins[18] = 'avelsieve'; |
| michael@164 | 11 | +$plugins[19] = 'captcha'; |
| michael@164 | 12 | +$plugins[20] = 'change_ldappass'; |
| michael@164 | 13 | +$plugins[21] = 'check_quota'; |
| michael@164 | 14 | +$plugins[22] = 'chg_sasl_passwd'; |
| michael@164 | 15 | +$plugins[23] = 'folder_sizes'; |
| michael@164 | 16 | +$plugins[24] = 'gpg'; |
| michael@164 | 17 | +$plugins[25] = 'login_notes'; |
| michael@164 | 18 | +$plugins[26] = 'password_forget'; |
| michael@164 | 19 | +$plugins[27] = 'pupdate'; |
| michael@164 | 20 | +$plugins[28] = 'show_user_and_ip'; |
| michael@164 | 21 | +$plugins[29] = 'smallcal'; |
| michael@159 | 22 | +$plugins[30] = 'smime'; |
| michael@164 | 23 | +$plugins[31] = 'username'; |
| michael@164 | 24 | +$plugins[32] = 'vkeyboard'; |
| michael@157 | 25 | + |
| michael@157 | 26 | /* NOP, for patch line placeholder (avoids fuzz) */ |
| michael@157 | 27 | $theme_css = ''; |
| michael@164 | 28 | $theme_default = 4; |
| michael@157 | 29 | Index: share/squirrelmail/plugins/gpg/setup.php |
| michael@157 | 30 | diff -Nau share/squirrelmail/plugins/gpg/setup.php.orig share/squirrelmail/plugins/gpg/setup.php |
| michael@157 | 31 | --- share/squirrelmail/plugins/gpg/setup.php.orig 2005-03-18 12:01:39.398171000 +0100 |
| michael@157 | 32 | +++ share/squirrelmail/plugins/gpg/setup.php 2005-03-18 12:03:35.986216000 +0100 |
| michael@159 | 33 | @@ -23,7 +23,9 @@ |
| michael@159 | 34 | |
| michael@159 | 35 | //define SM_PATH |
| michael@159 | 36 | if (!defined ('SM_PATH')){ |
| michael@157 | 37 | - if (file_exists('./gpg_functions.php')){ |
| michael@157 | 38 | + if (file_exists('../../../plugins/gpg/gpg_functions.php')){ |
| michael@159 | 39 | + define ('SM_PATH' , '../../../'); |
| michael@157 | 40 | + } elseif (file_exists('../../plugins/gpg/gpg_functions.php')){ |
| michael@159 | 41 | define ('SM_PATH' , '../../'); |
| michael@157 | 42 | } elseif (file_exists('../plugins/gpg/gpg_functions.php')) { |
| michael@159 | 43 | define ('SM_PATH', '../'); |
| michael@157 | 44 | Index: share/squirrelmail/plugins/chg_sasl_passwd/options.php |
| michael@157 | 45 | diff -Nau share/squirrelmail/plugins/chg_sasl_passwd/options.php.orig share/squirrelmail/plugins/chg_sasl_passwd/options.php |
| michael@157 | 46 | --- share/squirrelmail/plugins/chg_sasl_passwd/options.php.orig 2005-03-17 21:00:03.157951000 +0100 |
| michael@157 | 47 | +++ share/squirrelmail/plugins/chg_sasl_passwd/options.php 2005-03-18 14:16:40.480988000 +0100 |
| michael@157 | 48 | @@ -70,8 +70,8 @@ |
| michael@157 | 49 | ' "" + dir_path + "/../../src/signout.php?chg_sasl_passwd";' . "', 0);\n" . |
| michael@157 | 50 | "//-->\n</script>\n"; |
| michael@157 | 51 | |
| michael@157 | 52 | - echo "<H2>" . _("Your password has successfully been changed.") . "</H2>\n"; |
| michael@157 | 53 | - echo '<div align=center>' . _("Please") . '<a href="' . SM_PATH . |
| michael@157 | 54 | + echo "<H2><div align=center>" . _("Your password has successfully been changed.") . "</div></H2>\n"; |
| michael@157 | 55 | + echo '<div align=center>' . _("Please, ") . '<a href="' . SM_PATH . |
| michael@157 | 56 | 'src/signout.php?chg_sasl_passwd" TARGET=_top>' . |
| michael@157 | 57 | _("logout and log back in using your new password.") . "</div>\n"; |
| michael@157 | 58 | } |
| michael@157 | 59 | Index: share/squirrelmail/plugins/chg_sasl_passwd/setup.php |
| michael@157 | 60 | diff -Nau share/squirrelmail/plugins/chg_sasl_passwd/setup.php.orig share/squirrelmail/plugins/chg_sasl_passwd/setup.php |
| michael@157 | 61 | --- share/squirrelmail/plugins/chg_sasl_passwd/setup.php.orig 2005-03-03 00:38:44.000000000 +0100 |
| michael@157 | 62 | +++ share/squirrelmail/plugins/chg_sasl_passwd/setup.php 2005-03-18 14:29:52.513613000 +0100 |
| michael@157 | 63 | @@ -32,8 +32,12 @@ |
| michael@157 | 64 | |
| michael@157 | 65 | if (isset($_SERVER['QUERY_STRING']) && |
| michael@157 | 66 | stristr($_SERVER['QUERY_STRING'], 'chg_sasl_passwd') ) |
| michael@157 | 67 | - echo "<br><b>" . _("Your password has been changed. This requires that you logout and then log back in with the new password.") . |
| michael@157 | 68 | - "<br><p><br>\n" . _("Logging out automagically") . ".<br><br>\n"; |
| michael@157 | 69 | + echo "<center>" . |
| michael@157 | 70 | + "<br /><b>" . _("Your password has been changed.") . |
| michael@157 | 71 | + "</b><br />" . _("This requires that you logout and then") . |
| michael@157 | 72 | + "<br />" . _("log back in with the new password.") . |
| michael@157 | 73 | + "<br /><br />" . _("Logging out automatically...") . |
| michael@157 | 74 | + "</center><br /><br /><br />\n"; |
| michael@157 | 75 | |
| michael@157 | 76 | /* Switch back to the SquirrelMail domain */ |
| michael@157 | 77 | textdomain('squirrelmail'); |
| michael@157 | 78 | Index: share/squirrelmail/plugins/check_quota/config.sample.php |
| michael@157 | 79 | diff -uaN share/squirrelmail/plugins/check_quota/config.sample.php.orig share/squirrelmail/plugins/check_quota/config.sample.php |
| michael@157 | 80 | --- share/squirrelmail/plugins/check_quota/config.sample.php.orig 2008-01-03 06:39:34.000000000 +0100 |
| michael@157 | 81 | +++ share/squirrelmail/plugins/check_quota/config.sample.php 2008-01-03 06:39:48.000000000 +0100 |
| michael@157 | 82 | @@ -25,7 +25,7 @@ |
| michael@157 | 83 | * 0: UNIX / 1: IMAP / 2: cPanel |
| michael@157 | 84 | */ |
| michael@157 | 85 | |
| michael@157 | 86 | -$settings['quota_type'] = 0; |
| michael@157 | 87 | +$settings['quota_type'] = 1; |
| michael@157 | 88 | |
| michael@157 | 89 | |
| michael@157 | 90 | /* |
| michael@159 | 91 | Index: share/squirrelmail/plugins/captcha/functions.php |
| michael@159 | 92 | diff -uaN share/squirrelmail/plugins/captcha/functions.php.orig share/squirrelmail/plugins/captcha/functions.php |
| michael@159 | 93 | --- share/squirrelmail/plugins/captcha/functions.php.orig 2009-02-02 16:13:12.000000000 +0100 |
| michael@159 | 94 | +++ share/squirrelmail/plugins/captcha/functions.php 2009-04-17 22:30:41.804849878 +0200 |
| michael@159 | 95 | @@ -122,13 +122,15 @@ |
| michael@159 | 96 | |
| michael@159 | 97 | if (!empty($show_captcha_countries) || !empty($do_not_show_captcha_countries)) |
| michael@159 | 98 | { |
| michael@159 | 99 | - include_once(SM_PATH . 'plugins/user_info/functions.php'); |
| michael@159 | 100 | + if (include_once(SM_PATH . 'plugins/user_info/functions.php')) |
| michael@159 | 101 | + { |
| michael@159 | 102 | $user_info = get_user_info(); |
| michael@159 | 103 | if (empty($user_info['country_code'])) |
| michael@159 | 104 | { |
| michael@159 | 105 | do_err('CAPTCHA plugin used with $show_captcha_countries or $do_not_show_captcha_countries requires the User Information plugin with a IP-to-country module', FALSE); |
| michael@159 | 106 | return TRUE; |
| michael@159 | 107 | } |
| michael@159 | 108 | + } |
| michael@159 | 109 | } |
| michael@159 | 110 | } |
| michael@159 | 111 | |
| michael@159 | 112 | @@ -183,7 +185,8 @@ |
| michael@159 | 113 | if (!empty($hide_captcha_ips) || !empty($show_captcha_ips) |
| michael@159 | 114 | && file_exists(SM_PATH . 'plugins/user_info/functions.php')) |
| michael@159 | 115 | { |
| michael@159 | 116 | - include_once(SM_PATH . 'plugins/user_info/functions.php'); |
| michael@159 | 117 | + if (include_once(SM_PATH . 'plugins/user_info/functions.php')) |
| michael@159 | 118 | + { |
| michael@159 | 119 | $user_info = get_user_info(); |
| michael@159 | 120 | if (!empty($user_info['ip_address'])) |
| michael@159 | 121 | { |
| michael@159 | 122 | @@ -194,6 +197,7 @@ |
| michael@159 | 123 | && !captcha_match_ip_address($user_info['ip_address'], $show_captcha_ips)) |
| michael@159 | 124 | return; |
| michael@159 | 125 | } |
| michael@159 | 126 | + } |
| michael@159 | 127 | } |
| michael@159 | 128 | |
| michael@159 | 129 | |
| michael@159 | 130 | @@ -203,7 +207,8 @@ |
| michael@159 | 131 | if (!empty($show_captcha_countries) || !empty($do_not_show_captcha_countries) |
| michael@159 | 132 | && file_exists(SM_PATH . 'plugins/user_info/functions.php')) |
| michael@159 | 133 | { |
| michael@159 | 134 | - include_once(SM_PATH . 'plugins/user_info/functions.php'); |
| michael@159 | 135 | + if (include_once(SM_PATH . 'plugins/user_info/functions.php')) |
| michael@159 | 136 | + { |
| michael@159 | 137 | $user_info = get_user_info(); |
| michael@159 | 138 | if (!empty($user_info['country_code'])) |
| michael@159 | 139 | { |
| michael@159 | 140 | @@ -214,6 +219,7 @@ |
| michael@159 | 141 | && !in_array($user_info['country_code'], $show_captcha_countries)) |
| michael@159 | 142 | return; |
| michael@159 | 143 | } |
| michael@159 | 144 | + } |
| michael@159 | 145 | } |
| michael@159 | 146 | |
| michael@159 | 147 | |
| michael@159 | 148 | @@ -257,7 +263,8 @@ |
| michael@159 | 149 | if (!empty($hide_captcha_ips) || !empty($show_captcha_ips) |
| michael@159 | 150 | && file_exists(SM_PATH . 'plugins/user_info/functions.php')) |
| michael@159 | 151 | { |
| michael@159 | 152 | - include_once(SM_PATH . 'plugins/user_info/functions.php'); |
| michael@159 | 153 | + if (include_once(SM_PATH . 'plugins/user_info/functions.php')) |
| michael@159 | 154 | + { |
| michael@159 | 155 | $user_info = get_user_info(); |
| michael@159 | 156 | if (!empty($user_info['ip_address'])) |
| michael@159 | 157 | { |
| michael@159 | 158 | @@ -268,6 +275,7 @@ |
| michael@159 | 159 | && !captcha_match_ip_address($user_info['ip_address'], $show_captcha_ips)) |
| michael@159 | 160 | return; |
| michael@159 | 161 | } |
| michael@159 | 162 | + } |
| michael@159 | 163 | } |
| michael@159 | 164 | |
| michael@159 | 165 | |
| michael@159 | 166 | @@ -277,7 +285,8 @@ |
| michael@159 | 167 | if (!empty($show_captcha_countries) || !empty($do_not_show_captcha_countries) |
| michael@159 | 168 | && file_exists(SM_PATH . 'plugins/user_info/functions.php')) |
| michael@159 | 169 | { |
| michael@159 | 170 | - include_once(SM_PATH . 'plugins/user_info/functions.php'); |
| michael@159 | 171 | + if (include_once(SM_PATH . 'plugins/user_info/functions.php')) |
| michael@159 | 172 | + { |
| michael@159 | 173 | $user_info = get_user_info(); |
| michael@159 | 174 | if (!empty($user_info['country_code'])) |
| michael@159 | 175 | { |
| michael@159 | 176 | @@ -288,6 +297,7 @@ |
| michael@159 | 177 | && !in_array($user_info['country_code'], $show_captcha_countries)) |
| michael@159 | 178 | return; |
| michael@159 | 179 | } |
| michael@159 | 180 | + } |
| michael@159 | 181 | } |
| michael@159 | 182 | |
| michael@159 | 183 |
