cgiwrap 4.0_2 www =7

Securely execute Web CGI scripts
Maintained by: koitsu@FreeBSD.org
Port Added: unknown
Also Listed In: security

---

---

This is CGIWrap - a gateway that allows more secure user access to
CGI programs on an HTTPd server than is provided by the Web server
itself. The primary function of CGIWrap is to make certain that
any CGI script runs with the permissions of the user who installed
it, and not those of the Web server.

CGIWrap works with NCSA httpd, Apache, CERN httpd, NetSite Commerce
and Communications servers, and probably any other Unix-based Web
server software that supports CGI.

WWW: http://cgiwrap.sourceforge.net/
WWW: http://cgiwrap.unixtools.org/

CVSWeb : Sources : Main Web Site : Distfiles Availability : PortsMon

---

To install the port: cd /usr/ports/www/cgiwrap/ && make install clean
To add the package: pkg_add -r cgiwrap

---

Configuration Options

===> The following configuration options are available for cgiwrap-4.0_2:
     CGI_OWNER=on (default) "Check CGI file owner"
     CGI_GROUP=on (default) "Check CGI file group"
     CGI_SETUID=on (default) "Check CGI file setuid permissions"
     CGI_SETGID=on (default) "Check CGI file setgid permissions"
     CGI_GROUP_WRITABLE=on (default) "Check CGI g+w file permissions"
     CGI_WORLD_WRITABLE=on (default) "Check CGI o+w file permissions"
     USE_REDIRECT_URL=off (default) "Use REDIRECT_URL to build SCRIPT_NAME"
     USE_SCRIPT_URL=off (default) "Use SCRIPT_URL to build SCRIPT_NAME"
     NPH=off (default) "Enable nph binaries"
     DEBUG=off (default) "Enable cgiwrapd binaries"
===> Use 'make config' to modify these settings

---

Master Sites:

http://nchc.dl.sourceforge.net/sourceforge/cgiwrap/

http://kent.dl.sourceforge.net/sourceforge/cgiwrap/

http://easynews.dl.sourceforge.net/sourceforge/cgiwrap/

http://ufpr.dl.sourceforge.net/sourceforge/cgiwrap/

http://umn.dl.sourceforge.net/sourceforge/cgiwrap/

http://heanet.dl.sourceforge.net/sourceforge/cgiwrap/

ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/

Fix for WITH_USE_REDIRECT_URL; previously did not work.

* Maintainer freebsd@jdc.parodius.com --> koitsu@FreeBSD.org (I'm both)
* Add some redundancy fetch locations to MASTER_SITE_LOCAL.

Add WITH_USE_SCRIPT_URL and WITH_USE_REDIRECT_URL knobs, allowing for
the SCRIPT_NAME environment variable to be built based on $SCRIPT_URL
or $REDIRECT_URL.

Fix for "make install"; logic in cgiwrap's autoconf file for --with-cgiwrapd
and --without-cgiwrapd is broken (always assumes cgiwrapd will be used).
Will submit fix upstream.

Reviewed by:    philip
Approved by:    philip

Updating cgiwrap from 3.9 to 4.0.  Tested on RELENG_6.

Reviewed by:    philip
Approved by:    philip

SHA256ify

Approved by: krion@

Replace ugly "@unexec rmdir %D... 2>/dev/null || true" with @dirrmtry

Approved by:    krion@
PR:             ports/88711 (related)

Move LOG_FILE code to after bsd.port.pre.mk

PR:             ports/85687
Submitted by:   maintainer

- Convert to OPTIONS
- Add NPH and DEBUG knobs
- Rename some tunables
- Remove EMAIL knob

PR:             ports/83144
Submitted by:   Jeremy Chadwick <freebsd@jdc.parodius.com> (maintainer)

- Rename knonbs for more POLA compliant.
- Utilize PORTDOCS macro.
- Fix pkg-message for the package.
- Minor formating and typographic changes.

PR:             ports/71188
Submitted by:   maintainer

* Uses WWWOWN and WWWGRP.
* Changes tweaks to CGIWRAP_ALLOWFILE and CGIWRAP_DENYFILE.
* Add optional ability to build without some features.
* Adds CGIWRAP_DEBUG, which adds support for the cgiwrapd/nph-cgiwrapd binaries.
* Proper/secure permissions on the binaries.
* Another cosmetic changes.

* Pass maintainership to submitter.

PR:             ports/70106
Submitted by:   Jeremy Chadwick <freebsd@jdc.parodius.com>

Don't remove www/ now that it is created by the system.

- Update to 3.9
- Use DOCSDIR in pkg-plist to silence portlint

PR:             ports/63656
Submitted by:   Josh Elsasser <jre@vineyard.net> (maintainer)

Update to 3.8

PR:             53224
Submitted by:   maintainer

De-pkg-comment.

Update url in pkg-descr

PR:             45271
Submitted by:   maintainer

Install cgiwrapd/nph-cgiwrapd as a separate binary and removes suid
and execute permissions for security reasons

PR:             41454
Submitted by:   maintainer

- enable access control files by default
- pass maintainership on to submitter

PR:             40256
Submitted by:   Josh Elsasser <jre@vineyard.net>

- update to 3.7.1   - change default apache httpd user to www   - use DOCSDIR   

Change my email address to petef@FreeBSD.org for the ports I maintain.    

Update to 3.7 (fixing a security problem).    

MAINTAINER update.  Modify pkg-plist to remove   directories and files that are
not in mtree.    

- update to version 3.6.4   - take over as maintainer from ports@   - better
comment   - install scripts to ${PREFIX}/www/cgi-bin opposed to share/apache    

forget to mention pr # and submitter    

delete cgiwrap doc dir   add PORTDOCS handling   add missing MAINTAINER    

MAINTAINER doesn't use FreeBSD any more.    

Some spaces -> tabs for ports/www.    

Convert category www to new layout.  

8 vulnerabilities affecting 22 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities