Security fix.
=== v0.9.15.1 15/03/2012 ===
* Corrected security bug allowing user to get out of the restricted
shell. Thank you bui from NBS System for reporting this grave issue!
=== v0.9.15 13/03/2012 ===
* Set the hostname to the "short hostname" in the prompt.
* Corrected traceback when "sudo" command was entered alone. Thank you
Kiran Reddy for reporting this.
* Added support for python2.3 as subprocess is not included by default.
* Corrected the 'strict' behavior when entering a forbidden path.
* Added short path prompt support using the 'prompt_short' variable.
* Corrected stacktrace when group did not exist.
* Add support for empty prompt.
* Fixed bugs when using $() and ``.
* Corrected strict behavior to apply to forbidden path.
* Added support for wildcard '*' when using 'cd'.
* Added support for "cd -" to return to previous directory.
* Updated security issue with non printable characters permitting user
to get out of the limited shell.
* Now lshell automatically reloads its configuration if the configuration
file is modified.
* Added possibility to have no "intro" when user logs in. (by setting
the intro configuration field to "")
* Corrected multiple commands over ssh, and aliases interpretation.
* Added possibility to use wildcards in path definitions.
* Finally corrected the alias replacement loop.
Upstream changes:
=== v0.9.14 27/10/2010 ===
* Corrected get_aliases function, as it was looping when aliases were
"recursive" (e.g. 'ls':'ls --color=auto')
* Added lsudo built-in command to list allowed sudo commands.
* Corrected completion function when 2 strings collided (e.g. ls and lsudo)
* Corrected the README's installation part (adding --prefix).
* Added possibility to log via syslog.
* Corrected warning counter (was counting minus 1).
* Added the possibility to disable the counter, and just warn the user
(without kicking him).
* Added possibility to configure prompt. Thank you bapt for the patch.
* Added possibility to set environment variables to users. Thank you bapt
for the patch.
* Added the 'history' built-in function.
=== v0.9.13 02/09/2010 ===
* Switched from deprecated popen2 to subprocess to be python2.6 compatible.
Thank you Greg Orlowski for the patch.
* Added missing builtin commands when 'allowed' list was set to 'all'. For
example, the "cd" command was then missing.
* Added the "export" builtin function to export shell variables. Thank you
Chris for reporting this issue.
pkgsrc changes:
- Add license
Upstream changes:
=== v0.9.12 04/05/2010 ===
* A minor bug was inserted in version 0.9.11 with the sudo command.
It has been corrected in this version.
=== v0.9.11 27/04/2010 ===
* Corrects traceback when executing a command that had a python homonym
(e.g. "print foo" or "set"). (Closes: SF#2969631)
* Corrected completion error when using "~/". Thanks to Piotr Minkina for
reporting this.
* Corrected the get_aliases function.
* Corrected interpretation of ~user. Thank you Adrien Urban for reporting
this.
* The 'home_path' variable is being deprecated from this version and on.
Please use your system's tools to set a user's home directory.
It will be completely removed in the next version of lshell.
* Corrected shell variable and wildcards expansions when checking a command.
Thank you Adrien Urban for reporting this.
* Added possibility to allow/forbid scp upload/download using scp_upload
and scp_download variables.
* Corrected bug when using the "command=" in openSSH's authorized_keys.
lshell now takes into account the SSH_ORIGINAL_COMMAND environment
variable. Thank you Jason Heiss for reporting this.
* Corrected traceback when aliases is not defined in configuration, and
command is sent over SSH. Thank you Jason Heiss for reporting this.
0.9.10
. Corrected minor bug in the aliases function that appeared in the
previous version. Thank you Piotr Minkina for reporting this.
0.9.9
. Added the possibility to configure introduction prompt.
. Replaced "joker" by "warnings" (more elegant)
. Possibility of limiting the history file size.
. Added lpath built-in command to list allowed and denied path.
Thanks to Adrien Urban.
. Corrected bug when "~" was not parsed as "home directory" when
used in a command other than "cd". Thank you Adrien Urban for finding
this.
. Corrected minor typo when warning for a forbidden path.
. If $(foo) is present in the line, check if foo is allowed before
executing the line. Thank you Adrien Urban for pointing this out!
. Added the possibility to list commands allowed to be executed using
sudo.
The new configuration field is sudo_commands.
. Added the clear(1) command as a built-in command.
. Added '$(' and '${' in the forbidden list by default in the
configuration file.
. Now check the content of curly braces with variables '${}'. Thank you
Adrien Urban for reporting this.
. Added possibility to set history file name using history_file in the
configuration file.
. Corrected the bug when using '|', '&' or ';' over ssh. Over ssh,
forbidden characters now refer to the list provided in the "forbidden"
field. Thank you Jools Wills for reporting this!
. It is now possible to use "&&" and "||" even if "&" and/or "|" are in the
forbidden list. In order to forbid them too, you must add them
explicitly in the forbidden list. Thank you Adrien Urban for this
suggestion.
. Fixed aliases bug that replaced part of commands rendering them
unusable.
e.g. alias vi:vim replaced the view command by vimew.
. Added a logrotate file for lshell log files.
. Corrected parsing of commands over ssh to be checked by the same
function used by the lshell CLI.
Thank you Adrien Urban for your security audit and excellent ideas!
0.9.8
. Major bug fix. lshell did not launch on python 2.4 and 2.5
(https://sourceforge.net/projects/lshell/forums/forum/778301/topic/3474668)
. Added aliases for commands over SSH.
0.9.7
. Cleaned up the Python code
. Corrected crash when directory permission denied
(Closes: https://sourceforge.net/tracker/?func=detail&aid=2875374&group_id=215792&atid=1035093)
. Added possibility to set the home_path option using the '%u' flag.
(e.g. '/var/chroot/%u' where '%u' will be replaced by the user's
username)
. Now replaces "~" by user's home directory.
0.9.6
. Major security fix. User had access to all files located in forbidden
directories
(Closes: https://sourceforge.net/tracker/?func=detail&aid=2838542&group_id=215792&atid=1035093)
. Corrects RPM generation bug
(Closes: https://sourceforge.net/tracker/index.php?func=detail&aid=2838283&group_id=215792&atid=1035093)
. lshell exits gracefully when user home directory doesn't exist
0.9.5
. Minor release
. Changed lshell's group from lshellg to lshell (this should not have
an impact on older installations)
. Minor typo correction in the lshell.py code
0.9.4
. Log file name is now configurable using 'logfilename' variable
inside the configuration file
. Corrected aliases in lshell.conf to work with *BSD
0.9.3
. corrected major bug (alias related)
0.9.2
. added Force SCP directory feature
. added command alias feature
0.9.1
. loglevel can now be defined on global, group or user level
. corrected sftp support (broken since in 0.9.0)
0.9.0
. version jump to 0.9.0
. corrected bug in case PATH does not exist and allowed set to 'all'
. added support for UNIX groups in configuration file
. corrected major security bug
. corrected path completion
. added escape code handling
. added flexible +/- possibilities in configuration file
. now supports completion after '|', ';' and '&'
. Command test are also done after '|', ';' and '&'
. Doesn't list hidden directories by default
. 4 logging levels
. added 'strict' behaviour
quite simply using a configuration file. It becomes easy to restrict user's
access to a limited set of commands, choosing to allow any command over SSH
(e.g. SCP,SFTP,rsync,etc.).
OK'd by seb@