##################################### # LSHELL - Limited Shell - CHANGES # ##################################### # # $Id: CHANGES,v 1.65 2010/10/26 22:39:36 ghantoos Exp $ Contact: ghantoos@ghantoos.org http://sourceforge.net/projects/lshell/ ##################################### === v0.9.14 27/10/2010 === * Corrected get_aliases function, as it was looping when aliases were "recursive" (e.g. 'ls':'ls --color=auto') * Added lsudo built-in command to list allowed sudo commands. * Corrected completion function when 2 strings collided (e.g. ls and lsudo) * Corrected the README's installation part (adding --prefix). * Added possibility to log via syslog. * Corrected warning counter (was counting minus 1). * Added the possibility to disable the counter, and just warn the user (withouht kicking him). * Added possibility to configure prompt. Thank you bapt for the patch. * Added possibility to set environment variables to users. Thank you bapt for the patch. * Added the 'history' built-in function. === v0.9.13 02/09/2010 === * Switched from deprecated popen2 to subprocess to be python2.6 compatible. Thank you Greg Orlowski for the patch. * Added missing builin commands when 'allowed' list was set to 'all'. For example, the "cd" command was then missing. * Added the "export" builtin function to export shell variables. Thank you Chris for reporting this issue. === v0.9.12 04/05/2010 === * A minor bug was inserted in version 0.9.11 with the sudo command. It has been corrected in this version. === v0.9.11 27/04/2010 === * Corrects traceback when executing a command that had a python homonym (e.g. "print foo" or "set"). (Closes: SF#2969631) * Corrected completion error when using "~/". Thanks to Piotr Minkina for reporting this. * Corrected the get_aliases function. * Corrected interpretation of ~user. Thank you Adrien Urban for reporting this. * The 'home_path' variable is being deprecated from this version and on. Please use your system's tools to set a user's home directory. It will be completely removed in the next version of lshell. * Corrected shell variable and wildcards expansions when checking a command. Thank you Adrien Urban for reporting this. * Added possibility to allow/forbid scp upload/download using scp_upload and scp_download variables. * Corrected bug when using the "command=" in openSSH's authorized_keys. lshell now takes into account the SSH_ORIGINAL_COMMAND environment variable. Thank you Jason Heiss for reporting this. * Corrected traceback when aliases is not defined in configuration, and command is sent over SSH. Thank you Jason Heiss for reporting this. === v0.9.10 08/03/2010 === * Corrected minor bug in the aliases function that appeared in the previous version. Thank you Piotr Minkina for reporting this. === v0.9.9 07/03/2010 === * Added the possibility to configure introduction prompt. * Replaced "joker" by "warnings" (more elegant) * Possibility of limiting the history file size. * Added lpath built-in command to list allowed and denied path. Thanks to Adrien Urban. * Corrected bug when using "~" was not parsed as "home directory" when used in a command other than "cd". Thank you Adrien Urban finding this. * Corrected minor typo when warning for a forbidden path. * If $(foo) is present in the line, check if foo is allowed before executing the line. Thank you Adrien Urban for pointing this out! * Added the possibility to list commands allowed to be executed using sudo. The new configuration field is sudo_commands. * Added the clear(1) command as a built-in command. * Added '$(' and '${' in the forbidden list by default in the configuration file. * Now check the content of curly braces with variables '${}'. Thank you Adrien Urban for reporting this. * Added possibility to set history file name using history_file in the configuration file. * Corrected the bug when using '|', '&' or ';' over ssh. Over ssh forbidden characters refers now to the list provided in the "forbidden" field. Thank you Jools Wills for reporting this! * It now possible to use "&&" and "||" even if "&" and/or "|" are in the forbidden list. In order to forbid them too, you must add them explicitely in the forbidden list. Thank you Adrien Urban for this suggestion. * Fixed aliases bug that replaced part of commands rendering them unusable. e.g. aliase vi:vim replaced the view command by vimew. * Added a logrotate file for lshell log files. * Corrected parsing of commands overssh to be checked by the same function used by the lshell CLI. Thank you Adrien Urban for you security audit and excellent ideas! === v0.9.8 30/11/2009 === * Major bug fix. lshell did not launch on python 2.4 and 2.5 (https://sourceforge.net/projects/lshell/forums/forum/778301/topic/3474668) * Added aliases for commands over SSH. === v0.9.7 25/11/2009 === * Cleaned up the Python code * Corrected crash when directory permission denied (Closes: https://sourceforge.net/tracker/?func=detail&aid=2875374&group_id=215792&atid=1035093) * Added possibility to set the home_path option using the '%u' flag. (e.g. '/var/chroot/%u' where '%u' will be replaced by the user's username) * Now replaces "~" by user's home directory. === v0.9.6 9/09/2009 === * Major security fix. User had access to all files located in forbidden directories (Closes: https://sourceforge.net/tracker/?func=detail&aid=2838542&group_id=215792&atid=1035093) * Corrects RPM generation bug (Closes: https://sourceforge.net/tracker/index.php?func=detail&aid=2838283&group_id=215792&atid=1035093) * lshell exits gracefully when user home directory doesn't exist === v0.9.5 28/07/2009 === * Minor release * Changed lshell's group from lshellg to lshell (this should not have an \ impact on older installations) * Minor typo correction in the lshell.py code === v0.9.4 09/06/2009 === * Log file name is now configurable using 'logfilename' variable inside the\ configuration file * Corrected aliases in lshell.conf to work with *BSD === v0.9.3 13/04/2009 === * corrected major bug (alias related) === v0.9.2 05/04/2009 === * added Force SCP directory feature * added command alias feature === v0.9.1 24/03/2009 === * loglevel can now be defined on global, group or user level * corrected sftp support (broken since in 0.9.0) === v0.9.0 20/03/2009 === * As lshell has reached the point where it can be considered as a nearly \ stable software. I decided to make a version jump to 0.9.0 * corrected bug in case PATH does not exist and allowed set to 'all' * added support for UNIX groups in configuration file * cleaned up code * corrected major security bug * corrected path completion, to complete only allowed path simplified the \ check_secure and check_path functions * added escape code handling (tested with ftp, gdb, vi) * added flexible +/- possibilities in configuration file * now supports completion after '|', ';' and '&' * Command test are also done after '|', ';' and '&' * Doesn't list hidden directories by default * There are now 4 logging levels (4: logs absolutely everything user types) * added 'strict' behaviour. If set to 1, any unknown command is considered \ as forbidden, as warning counter is decreased. === v0.2.6 02/03/2009 === * added 'all' to allow all commands to a user * added backticks in lshell.conf * changes made to setup.py in version 0.2.5 were undone + added classifiers === v0.2.5 15/02/2009 === * corrected import readline [bug] * added log directory instead of a logfile * created log levels (0 to 3) * setup.py is now BSD compatible (using --install-data flag) === v0.2.4 27/01/2009 === * NEW: "overssh" in config file. Allows to set commands allowed to execute \ over ssh (e.g. rsync) * fixed timer * added python logging method * cleaned code * cleaner "over ssh commands" support (e.g. scp, sftp, rsync, etc.) === v0.2.3 03/12/2008 === * corrected completion * added [global] section in configuration file === v0.2.2 29/10/2008 === * corrected SCP functionnality * added SFTP support * passwd in not mandatory in configuration file (deprecated) * lshell is now added to /etc/shells using `add-shell` === v0.2.1 20/10/2008 === * Corrected rpm & deb builds * added a manpage === v0.2 18/10/2008 === * Initial debian packaging === v0.2 17/10/2008 === * Added config and log option on command line (-c|--config and -l|--log) * Initial source packaging using distutils * Initial rpm packaging using distutils === v0.2 07/10/2008 === * Added file completion * Added a history file per user * Added a logging for warnings and log in/out * Added prompt update when user changes directory (bash like) * Corrected the check_path function * Changed user setting from global variable to dict * Added a default profile used when a parameter is not set for a user === 06/05/2008 === * Added an shell script usefull to install and manage lshell users === 08/04/2008 === * Added evironment path (env_path) update support * Added home path (home_path) variable === 29/03/2008 === * Corrected class declaration bug and configuration file location * Updated the README file with another usage of lshell === 05/02/2008 === * added a path variable to restrict the user's geographic actions * MAJOR: added SCP support (also configurable through the config file) === 31/01/2008 === * MAJOR: Added the 'help' method * Did some code cleanup === 28/01/2008 === * Initial release of lshell