RE: [Lynx-dev] TRUSTED_LYNXCGI configuration

[Komal Thareja]

Hi Thomas,

Thanks for a quick reply. I still am not able to get it working.

As mentioned in lynx.cfg TRUSTED_LYNXCGI will work only if LYNXCGI_LINKS is 
defined. I am using lynx version lynx-2.8.5-18.2.el4_7.1.i386. I downloaded the 
source code and checked that LYNXCGI_LINKS is commented in the userdefs.h.

Could that be the issue? Also if I comment TRUSTED_LYNXCGI line, I am able to 
run my cgi script using lynx.

With restrictions=all, lynxcgi stopped running. Are there any other parameters 
I should set?
Is there any other way to enable no_exec?

TRUSTED_LYNXCGI rules define the permitted sources and/or paths for
# lynxcgi links (if LYNXCGI_LINKS is defined in userdefs.h).


Thanks and Regards,

Komal Thareja

Technical Leader



A R I C E N T

Office    +91.124.4095888  x3411

Fax        +91.124.4095915









-----Original Message-----
From: Thomas Dickey [mailto:address@hidden
Sent: Wednesday, January 20, 2010 5:46 AM
To: Komal Thareja
Cc: address@hidden
Subject: Re: [Lynx-dev] TRUSTED_LYNXCGI configuration

On Tue, Jan 19, 2010 at 07:40:24PM +0530, Komal Thareja wrote:
> Hi All,
>
> I am trying to configure TRUSTED_LYNXCGI parameter in /etc/lync.cgi by 
> specifying the following value.
>
> TRUSTED_LYNXCGI:file://var/Test/test.cgi
>
> I still get the error "Alert!: Executable link rejected due to
> location or path." when I execute the script using following command

That's reported in src/LYGetFile.c

    if (!(no_exec && type == ALWAYS_EXEC_PATH))
        HTAlert(BADLOCPATH_IN_EXEC_LINK);

The no_exec variable is the place to check - it's normally false, and is set 
using the -restriction option.  The 'type' variable is essentially a constant 
(depends on the program flow).  So you should add something like

        -restrictions=all

since that sets all of the restriction flags to true.

> "/usr/bin/lynx -realm -use_mouse -nocolor -scrollbar 
> lynxcgi://var/Test/test.cgi"
>
> I have tried all the syntax mentioned in the cfg. I searched lot of things on 
> the internet but of no help. Your help and inputs would be really appreciated.
>
>
> Thanks and Regards,
> Komal Thareja
>
> Technical Leader
>
>
>
> A R I C E N T
>
> Office    +91.124.4095888  x3411
>
> Fax        +91.124.4095915
>
>
>
>
>
>
> ________________________________
> "DISCLAIMER: This message is proprietary to Aricent and is intended solely 
> for the use of the individual to whom it is addressed. It may contain 
> privileged or confidential information and should not be circulated or used 
> for any purpose other than for what it is intended. If you have received this 
> message in error, please notify the originator immediately. If you are not 
> the intended recipient, you are notified that you are strictly prohibited 
> from using, copying, altering, or disclosing the contents of this message. 
> Aricent accepts no responsibility for loss or damage arising from the use of 
> the information transmitted by this email including damage from virus."

> _______________________________________________
> Lynx-dev mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/lynx-dev


--
Thomas E. Dickey <address@hidden> http://invisible-island.net 
ftp://invisible-island.net

"DISCLAIMER: This message is proprietary to Aricent and is intended solely for 
the use of the individual to whom it is addressed. It may contain privileged or 
confidential information and should not be circulated or used for any purpose 
other than for what it is intended. If you have received this message in error, 
please notify the originator immediately. If you are not the intended 
recipient, you are notified that you are strictly prohibited from using, 
copying, altering, or disclosing the contents of this message. Aricent accepts 
no responsibility for loss or damage arising from the use of the information 
transmitted by this email including damage from virus."