userv (security boundary tool) 1.0.3 released

info-gnu

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

userv (security boundary tool) 1.0.3 released

From:	Ian Jackson
Subject:	userv (security boundary tool) 1.0.3 released
Date:	Sat, 1 Nov 2003 01:40:10 +0000

-----BEGIN PGP SIGNED MESSAGE-----

GNU userv 1.0.3 is now released.

userv (pronounced `you-serve') is, in the words of the specification,
      a Unix system facility to allow one program to invoke another
      when only limited trust exists between them.

userv is a one-of-a-kind systems programming and system administration
tool, which can be used to avoid setuid programs, special daemons, or
the need for doubtful `helper' programs.


For more information, including the on-line specification and the
distribution files, visit
 http://www.chiark.greenend.org.uk/~ian/userv/

If you have queries, please join the userv-discuss mailing list in
preference to mailing the author.  Thank you.

userv is also usually available via the GNU FTP site and its mirrors.
However, at present technical difficulties mean that we are unable to
make the current distribution files available on ftp.gnu.org.  In the
meantime, please fetch the files from chiark, above.


This is a maintenance release.  It fixes a number of bugs, a few of
them moderately annoying, but none believed to be security-critical.
The documentation, portability and packaging are also improved.

Note that the Debian Project has distributed, amongst other things, a
file appearing to be userv 1.0.2.  There is no userv 1.0.2.  To avoid
confusion, we have skipped version 1.0.2.  Please use 1.0.3.

MD5 checksums:
b525d59097246fbe3668545fe302dbdb  userv-1.0.1-1.0.3.diff.gz
e577c93fa37b8334e8f882f28f4f8835  userv-1.0.3.tar.gz

There is also an associated non-GNU package userv-utils, which
contains a collection of miscellaneous userv services, which can serve
as examples and programs in their own right.  Note that the
documentation and probably quality of these leave a lot to be desired.
Contributions of documentation, installation instructions,
improvements, etc, for parts of userv-utils would be very welcome.
userv-utils can be found alongside userv's distribution files.


Changes to userv since 1.0.1:

  Bugfixes:
  * Make require-fd work with reading fds !
    (Thanks to Ben Harris for the bug report).
  * Close unwanted pipes in client-side cat subprocesses, to avoid
    wedging at termination.  (Thanks to patchlet from Peter Benie.)
  * gid_t may be >int, so cast to long when putting in USERV_GIDS
    (Might conceivably make USERV_GIDS be wrong on some platforms.)
  * Do not pass char to ctype macros; they can't cope with -ve !
  * Fix fd modifier, signal, and exit status parsing to be rigourous in
    their use of strtoul.  (Thanks to report from Peter Benie.)

  Portability fixes:
  * #include <fcntl.h>, not <sys/fcntl.h> (fixes some implicit decls).
  * Look for gmd5sum.  (Thanks to Anton Altaparmakov for the report.)
  * install-sh updated to that from autoconf 2.53.
  * Use fcntl F_{GET,SET}FD with respect for as-yet-uninvented fd flags.
    (small patch from Ben Harris.)

  Documentation and help improvements:
  * userv(1) manpage: fixed broken definitions of fd excl and trunc.
    (Debian bug report: Closes: #79579.)
  * Specification's usage notes section improved.
  * --help and --version behaviour made to conform to GNU standards.
  * We do ship m4 and flex output now, so say so.
  * Some groff warnings in userv(1), and source version fixed.
  * New userv(8) manpage.  (Debian: Closes: #33777.)
  * Update copyright dates everywhere.

  Debian packaging improvements:
  * Priority changed to optional as per override file.
  * Build-Depends: debiandoc-sgml, tetex-bin, tetex-extra.  Closes #190615.
  * init.d reload is noop, restart now called restart.  Closes #70783.
  * /etc/init.d/userv nicer output: colons, `.' printed after done.
  * Maintainer scripts use invoke-rc.d if it's available.
  * Maintainer scripts discard stdout from update-rc.d.
  * No more messing with /usr/doc, use only /usr/share/doc.  Closes #91578.
  * Support unstripped binaries in the .deb, with DEB_BUILD_OPTIONS.
  * Fixed typo in debian/copyright.
  * /etc/init.d/userv restart doesn't mind if not already running.
  * debian/rules clean removes whole spec.html subdirectory.
  * Ship spec.ps (Closes: #210859)
  * Lintian override for suid /usr/bin/userv (Closes: #211055)
  * Standards-Version 3.6.1.
  * Corrected location of common licenses.
  * Added -isp to dpkg-gencontrol.
  (Thanks to Martin Pitt and Bas Zoetekouw's NMUs
   for many inspirations and one-liners.)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQCVAwUBP6MO9MMWjroj9a3bAQFtzQP/c49a2hrDIOn11x61EeQvS2k/2B+gAyqe
ky015YohAPIvLCwzsQpzkj2Q5vYNCSxdk/eEmDOefSu/QrprofCZ1Htc4I3PfDOy
Cc9QwTajghJKQXPSlNSN5lRz4doCnD4sisGAJ+czXS+DlGUJj9TbKuFGDd+hQ5BZ
/JdUf+4CamM=
=NS6O
-----END PGP SIGNATURE-----

[Prev in Thread]

Current Thread

[Next in Thread]

userv (security boundary tool) 1.0.3 released, Ian Jackson <=

Prev by Date: GNU Automake 1.7.9 released
Next by Date: Version 0.5 of Ocrad released
Previous by thread: GNU Automake 1.7.9 released
Next by thread: Version 0.5 of Ocrad released
Index(es):
- Date
- Thread