Makefile created

debian installer improved binary suid wrappers added
17 years ago · d0d27ea05e
parent 6579b05754
commit d0d27ea05e
19 changed files with 355 additions and 120 deletions
--- a/60
+++ b/60
@ -0,0 +1,60 @@
+#
+# Makefile for the cryptobox web-interface
+#
+# Copyright (c) 02006 senselab
+#
+
+CRYPTOBOX_ROOT = .
+
+PREFIX = /usr/local
+SHARE_DIR = $(PREFIX)/share/cryptobox
+LIB_DIR = $(PREFIX)/lib/cryptobox
+DOC_DIR = $(PREFIX)/share/doc/cryptobox
+BUILD_DIR = build_dir
+INSTALL = install
+
+.PHONY: install clean build
+
+build:
+	$(INSTALL) -d -m 755 $(BUILD_DIR)/etc
+	$(INSTALL) -c -m 644 conf-examples/cryptobox.conf $(BUILD_DIR)/etc/
+	@sed -i 's#^HTML_TEMPLATE_DIR=.*$$#HTML_TEMPLATE_DIR=$(SHARE_DIR)/templates#' $(BUILD_DIR)/etc/cryptobox.conf
+	@sed -i 's#^LANGUAGE_DIR=.*$$#LANGUAGE_DIR=$(SHARE_DIR)/lang#' $(BUILD_DIR)/etc/cryptobox.conf
+	@sed -i 's#^DOC_DIR=.*$$#DOC_DIR=$(DOC_DIR)/html#' $(BUILD_DIR)/etc/cryptobox.conf
+	@sed -i 's#^CONFIG_DEFAULTS_DIR=.*$$#CONFIG_DEFAULTS_DIR=$(SHARE_DIR)/defaults#' $(BUILD_DIR)/etc/cryptobox.conf
+
+	# compile the suid wrapper
+	$(MAKE) -C bin LIB_DIR=$(LIB_DIR)
+	@touch $(BUILD_DIR)-stamp
+
+
+install: $(BUILD_DIR)-stamp
+	$(INSTALL) -d -m 755 $(LIB_DIR)
+	$(INSTALL) -c -m 755 bin/cbox-manage.sh $(LIB_DIR)
+	$(INSTALL) -c -m 755 bin/cbox-root-actions.sh $(LIB_DIR)
+	$(INSTALL) -c -m 755 bin/cryptobox.pl $(LIB_DIR)
+	$(INSTALL) -c -m 755 bin/cryptobox_cgi_wrapper $(LIB_DIR)
+	$(INSTALL) -c -m 4755 bin/cryptobox_root_wrapper $(LIB_DIR)
+	$(INSTALL) -d -m 755 $(SHARE_DIR)/lang
+	$(INSTALL) -c -m 644 lang/* $(SHARE_DIR)/lang/
+	$(INSTALL) -d -m 755 $(SHARE_DIR)/templates
+	$(INSTALL) -c -m 644 templates/*.cs $(SHARE_DIR)/templates
+	$(INSTALL) -d -m 755 $(SHARE_DIR)/defaults
+	$(INSTALL) -c -m 644 conf-examples/default-settings/* $(SHARE_DIR)/defaults/
+	$(INSTALL) -d -m 755 $(SHARE_DIR)/html
+	$(INSTALL) -c -m 644 www-data/*.css $(SHARE_DIR)/html/
+	$(INSTALL) -c -m 644 www-data/*.png $(SHARE_DIR)/html/
+	$(INSTALL) -c -m 644 www-data/*.gif $(SHARE_DIR)/html/
+	$(INSTALL) -d -m 755 $(SHARE_DIR)/html/screenshots
+	$(INSTALL) -c -m 644 www-data/screenshots/*.png $(SHARE_DIR)/html/screenshots/
+	$(INSTALL) -d -m 755 $(DOC_DIR)/html/en
+	$(INSTALL) -d -m 755 $(DOC_DIR)/html/de
+	$(INSTALL) -c -m 644 doc/html/en/* $(DOC_DIR)/html/en/
+	$(INSTALL) -c -m 644 doc/html/de/* $(DOC_DIR)/html/de/
+
+
+clean:
+	$(MAKE) -C bin clean
+	-rm -rf $(BUILD_DIR)
+	-rm -f $(BUILD_DIR)-stamp
+
--- a/bin/Makefile
+++ b/bin/Makefile
@ -0,0 +1,37 @@
+# Makefile to compile the binary suid-wrapper for cryptobox
+#
+# LIB_DIR should be defined in the higher level Makefile
+#
+
+HEADER_FILE	= cryptobox_wrapper.h
+SRC_FILE	= cryptobox_wrapper.c
+CGI_SUID_FILE	= cryptobox_cgi_wrapper
+ROOT_SUID_FILE	= cryptobox_root_wrapper
+
+CGI_FILENAME	= cryptobox.pl
+ROOT_SCRIPT_FILENAME	= cbox-root-actions.sh
+# fall back to default, if not overwritten
+LIB_DIR	= /usr/local/lib/cryptobox
+
+
+# _always_ recompile (in case of a changed LIB_DIR)
+.PHONY: build clean $(CGI_SUID_FILE) $(ROOT_SUID_FILE)
+
+build:	$(CGI_SUID_FILE) $(ROOT_SUID_FILE)
+
+	
+$(CGI_SUID_FILE):	$(SRC_FILE)
+	$(NOECHO) echo '#define EXEC_PATH "$(LIB_DIR)/$(CGI_FILENAME)"' >$(HEADER_FILE)
+	$(CC) -o $(CGI_SUID_FILE) $(SRC_FILE)
+	-rm $(HEADER_FILE)
+
+
+$(ROOT_SUID_FILE):	$(SRC_FILE)
+	$(NOECHO) echo '#define EXEC_PATH "$(LIB_DIR)/$(ROOT_SCRIPT_FILENAME)"' >$(HEADER_FILE)
+	$(CC) -o $(ROOT_SUID_FILE) $(SRC_FILE)
+	-rm $(HEADER_FILE)
+
+
+clean:
+	-rm -f $(CGI_SUID_FILE) $(ROOT_SUID_FILE) $(HEADER_FILE) 
+
--- a/bin/cbox-manage.sh
+++ b/bin/cbox-manage.sh
@ -26,6 +26,8 @@ EXEC_FIREWALL_RULES=0
 SKIP_NETWORK_CONFIG=1
 CONF_FILE=/etc/cryptobox/cryptobox.conf

+LIB_DIR=$(dirname "$0")
+CONFIG_DIR=~/config

 # read the default setting file, if it exists
 [ -e /etc/default/cryptobox ] && . /etc/default/cryptobox
@ -38,6 +40,9 @@ CONF_FILE=/etc/cryptobox/cryptobox.conf

 ## configuration
 CERT_TEMP=/tmp/stunnel.pem
+ROOT_PERM_SCRIPT=$(dirname "$0")/cryptobox_root_wrapper
+# ROOT_PERM_SCRIPT needs the MNT_PARENT setting
+export MNT_PARENT="$(cd ~; pwd)/mnt"

 ######## stuff ##########

@ -69,12 +74,12 @@ function config_set_value()
 # parameters: SettingName [SettingValue]
 # read from stdin if SettingValue is not defined
 {
-	[ "$USE_SEPERATE_CONFIG_PARTITION" = "1" ] && sudo "$ROOT_PERM_SCRIPT" remount_config rw
+	[ "$USE_SEPERATE_CONFIG_PARTITION" = "1" ] && "$ROOT_PERM_SCRIPT" remount_config rw
 	if [ $# -gt 1 ]
 		then	echo -n "$2" > "$CONFIG_DIR/$1"
 		else	cat - >"$CONFIG_DIR/$1"
 	  fi
-	[ "$USE_SEPERATE_CONFIG_PARTITION" = "1" ] && sudo "$ROOT_PERM_SCRIPT" remount_config ro
+	[ "$USE_SEPERATE_CONFIG_PARTITION" = "1" ] && "$ROOT_PERM_SCRIPT" remount_config ro
 }


@ -115,10 +120,10 @@ function create_config()
 	if [ "$USE_SEPERATE_CONFIG_PARTITION" != "1" ]
 	   then log_msg "Using static configuration ..."
 	   else	log_msg "Creating config filesystem ..."
-			sudo "$ROOT_PERM_SCRIPT" create_config "$device"
+			"$ROOT_PERM_SCRIPT" create_config "$device"
 			log_msg "Mounting config partition ..."
-			sudo "$ROOT_PERM_SCRIPT" mount_config "$device" 
-			sudo "$ROOT_PERM_SCRIPT" remount_config rw
+			"$ROOT_PERM_SCRIPT" mount_config "$device" 
+			"$ROOT_PERM_SCRIPT" remount_config rw
 	  fi
 	log_msg "Copying configuration defaults ..."
 	cp -a "$CONFIG_DEFAULTS_DIR/." "$CONFIG_DIR"
@ -154,11 +159,11 @@ function list_partitions_of_type()
 	local plaindata=
 	local unused=
 	for a in $ALL_PARTITIONS
-		do	if sudo "$ROOT_PERM_SCRIPT" is_crypto_partition "/dev/$a"
+		do	if "$ROOT_PERM_SCRIPT" is_crypto_partition "/dev/$a"
 			   then	crypto="$crypto /dev/$a"
-			   elif	sudo "$ROOT_PERM_SCRIPT" is_config_partition "/dev/$a"
+			   elif	"$ROOT_PERM_SCRIPT" is_config_partition "/dev/$a"
 				   then	config="$config /dev/$a"
-				   elif	sudo "$ROOT_PERM_SCRIPT" is_plaindata_partition "/dev/$a"
+				   elif	"$ROOT_PERM_SCRIPT" is_plaindata_partition "/dev/$a"
 					   then	plaindata="$plaindata /dev/$a"
 					   else	unused="$unused /dev/$a"
 			  fi
@ -178,7 +183,7 @@ function list_partitions_of_type()
 function get_crypto_uuid()
 # Parameter: DEVICE
 {
-	sudo "$ROOT_PERM_SCRIPT" get_device_name "$1"
+	"$ROOT_PERM_SCRIPT" get_device_name "$1"
 }


@ -216,7 +221,6 @@ function does_crypto_name_exist()
 function create_crypto()
 # Parameter: DEVICE NAME KEYFILE
 # keyfile is necessary, to allow background execution via 'at'
-# TODO: check if the keyfile is still necessary for sudo -b
 {
 	local device=$1
 	local name=$2
@ -229,7 +233,7 @@ function create_crypto()
 	rm "$keyfile"

 	log_msg "Creating crypto partition with the cipher $DEFAULT_CIPHER on $device"
-	echo "$key" | sudo "$ROOT_PERM_SCRIPT" create_crypto "$device"
+	echo "$key" | "$ROOT_PERM_SCRIPT" create_crypto "$device"

 	set_crypto_name "$device" "$name"
 }
@ -302,9 +306,9 @@ function load_config()
 	[ "$USE_SEPERATE_CONFIG_PARTITION" = "1" ] && \
 		list_partitions_of_type config | while read part && [ "$status" = 0 ]
 			do	log_msg "Trying to load configuration from /dev/$part ..."
-				if sudo "$ROOT_PERM_SCRIPT" is_config_partition "/dev/$part"
+				if "$ROOT_PERM_SCRIPT" is_config_partition "/dev/$part"
 				   then	log_msg "configuraton found on $part"
-						sudo "$ROOT_PERM_SCRIPT" mount_config "/dev/$part"
+						"$ROOT_PERM_SCRIPT" mount_config "/dev/$part"
 						status=1
 				  fi
 		  done
@ -324,7 +328,7 @@ function unload_config()
 	is_config_active || return
 	# only try to unmount, if it is not static (the config of a live-cd is always dynamic)
 	if [ "$USE_SEPERATE_CONFIG_PARTITION" = "1" ]
-		then	sudo "$ROOT_PERM_SCRIPT" umount_config
+		then	"$ROOT_PERM_SCRIPT" umount_config
 		else	true
 	  fi
 }
@ -338,7 +342,7 @@ function mount_crypto()
 	is_crypto_mounted "$device" && echo "The crypto filesystem is already active!" && return
 	# passphrase is read from stdin
 	log_msg "Mounting a crypto partition from $device"
-	sudo "$ROOT_PERM_SCRIPT" mount "$device" >>"$LOG_FILE" 2>&1
+	"$ROOT_PERM_SCRIPT" mount "$device" >>"$LOG_FILE" 2>&1
 }


@ -347,7 +351,7 @@ function umount_crypto()
 {
 	local device=$1
 	local uuid=$(get_crypto_uuid $device)
-	sudo "$ROOT_PERM_SCRIPT" umount "$uuid"
+	"$ROOT_PERM_SCRIPT" umount "$uuid"
 }


@ -358,7 +362,7 @@ function box_purge()
 	# TODO: not ALL harddisks, please!
 	get_available_disks | while read a
 		do	log_msg "Purging $a ..."
-			sudo "$ROOT_PERM_SCRIPT" trash_device "$a"
+			"$ROOT_PERM_SCRIPT" trash_device "$a"
 	  done
 }

@ -371,7 +375,7 @@ function init_cryptobox()
 	turn_off_all_crypto
 	unload_config || true
 	log_msg "Partitioning the device ($device) ..."
-	sudo "$ROOT_PERM_SCRIPT" partition_disk "$device" "0,1,L \n,,L\n"
+	"$ROOT_PERM_SCRIPT" partition_disk "$device" "0,1,L \n,,L\n"
 	log_msg "Initializing config partition on ${device}1 ..."
 	# TODO: this should not be hard-coded
 	create_config "${device}1"
@ -518,7 +522,7 @@ case "$ACTION" in
 		# reconfigure the network interface to a new IP address
 		# wait for 5 seconds to finish present http requests
 		if [ "$SKIP_NETWORK_CONFIG" != 1 ]
-			then	echo -n "sleep 5; sudo $ROOT_PERM_SCRIPT update_network" | at now
+			then	echo -n "sleep 5; \"$ROOT_PERM_SCRIPT\" update_network" | at now
 		  fi
 		;;
 	get_available_disks )
@ -537,7 +541,7 @@ case "$ACTION" in
 		;;
 	diskinfo )
 		get_available_disks | while read a
-			do	sudo "$ROOT_PERM_SCRIPT" diskinfo "$a"
+			do	"$ROOT_PERM_SCRIPT" diskinfo "$a"
 		  done
 		;;
 	box-purge )
--- a/bin/cryptobox.pl
+++ b/bin/cryptobox.pl
@ -17,6 +17,13 @@ use strict;
 use CGI;
 use ClearSilver;
 use ConfigFile;
+use English;
+
+# drop privileges
+$UID = $EUID;
+$GID = $EGID;
+
+$ENV{'PATH'} = '/bin:/usr/bin';

 my $CONFIG_FILE = '/etc/cryptobox/cryptobox.conf';

@ -25,10 +32,14 @@ my $pagedata;
 my ($LANGUAGE_DIR, $DEFAULT_LANGUAGE, $HTML_TEMPLATE_DIR, $DOC_DIR);
 my ($CB_SCRIPT, $LOG_FILE, $IS_DEVEL, $STYLESHEET_URL);

+# get the directory of the cryptobox scripts/binaries and untaint it
+$CB_SCRIPT = $0;
+$CB_SCRIPT =~ m/^(.*)\/[^\/]*$/;
+$CB_SCRIPT = "$1/cbox-manage.sh";
+
 &fatal_error ("could not find configuration file ($CONFIG_FILE)") unless (-e $CONFIG_FILE);
 my $config = ConfigFile::read_config_file($CONFIG_FILE);

-$CB_SCRIPT = $config->{CB_SCRIPT};
 $LOG_FILE = $config->{LOG_FILE};
 $LANGUAGE_DIR = $config->{LANGUAGE_DIR};
 $DEFAULT_LANGUAGE = $config->{LANGUAGE};
@ -38,7 +49,9 @@ $IS_DEVEL = ( -e $config->{DEV_FEATURES_SCRIPT});
 $STYLESHEET_URL = $config->{STYLESHEET_URL};

 # TODO: just a quick-and-dirty hack during migration to multiple containers
-my $CRYPTO_DEV = `$CB_SCRIPT get_available_disks | cut -f 1 -d " " | tr "\n" "2"`;
+my $CRYPTO_DEV = &get_available_disks();
+$CRYPTO_DEV =~ m/^([\w\/_\-\.]*)$/;
+$CRYPTO_DEV = "${1}2";

 my $query = new CGI;

@ -96,7 +109,7 @@ sub load_selected_language
 	$data->readFile("$LANGUAGE_DIR/$DEFAULT_LANGUAGE" . ".hdf");

 	# load configured language, if it is valid
-	$config_language = `$CB_SCRIPT get_config language`;
+	$config_language = &exec_cb_script("get_config","language");
 	$config_language = $DEFAULT_LANGUAGE unless (&validate_language("$config_language"));

 	# check for preferred browser language, if the box was not initialized yet
@ -199,50 +212,72 @@ sub check_ssl
 	# BEWARE: dirty trick - is there a better way?
 	# stunnel is not in transparent mode -> that means, it replaces REMOTE_ADDR with
 	# its own IP (localhost, of course)
+	# TODO: this does not work with a native ssl webserver
 	return ($ENV{'REMOTE_ADDR'} eq '127.0.0.1');
 }


 sub check_mounted
 {
-	return (system("$CB_SCRIPT","is_crypto_mounted",$CRYPTO_DEV) == 0);
+	return (system($CB_SCRIPT,"is_crypto_mounted",$CRYPTO_DEV) == 0);
 }


 sub check_config
 {
-	return (system("$CB_SCRIPT","is_config_mounted",$CRYPTO_DEV) == 0);
+	return (system($CB_SCRIPT,"is_config_mounted") == 0);
+}
+
+
+sub exec_cb_script {
+	my (@params) = @_;
+	my ($pid, @result);
+	&fatal_error("unable to fork process") unless defined($pid = open(PROG_OUT, "-|"));
+	if (!$pid) {
+		# child
+		exec($CB_SCRIPT, @params) or &fatal_error("failed to execute $CB_SCRIPT!");
+		exit 0;
+	} else {
+		# parent
+		@result = <PROG_OUT>;
+		close PROG_OUT or warn "error while running $CB_SCRIPT: $?";
+	}
+	if (wantarray) {
+		return @result;
+	} else {
+		return join('',@result);
+	}
 }


 sub check_init_running
 {
-	return (system("$CB_SCRIPT","is_init_running") == 0);
+	return (system($CB_SCRIPT,"is_init_running") == 0);
 }


 sub is_harddisk_available
 {
-	return (system("$CB_SCRIPT","is_harddisk_available") == 0);
+	return (system($CB_SCRIPT,"is_harddisk_available") == 0);
 }

 sub get_available_disks
 # TODO: this is useful for diskselection buttons
 {
-	return `$CB_SCRIPT get_available_disks`;
+	return &exec_cb_script("get_available_disks");
 }

 sub get_current_ip
 # the IP of eth0 - not the configured value of the box (only for validation)
 {
-	return `$CB_SCRIPT get_current_ip`;
+	return &exec_cb_script("get_current_ip");
 }


 sub get_admin_pw
 # returns the current administration password - empty, if it is not used
 {
-	return `$CB_SCRIPT get_config admin_pw`;
+	return &exec_cb_script("get_config","admin_pw");
 }


@ -275,7 +310,7 @@ sub mount_vol
 sub umount_vol
 {
 	if (&check_mounted) {
-		system("$CB_SCRIPT", "crypto-down",$CRYPTO_DEV);
+		system($CB_SCRIPT, "crypto-down",$CRYPTO_DEV);
 	} else {
 		$pagedata->setValue('Data.Warning', 'NotMounted');
 	}
@ -286,7 +321,7 @@ sub box_init
 {
 	my ($crypto_pw, $admin_pw) = @_;

-	system("$CB_SCRIPT", "init") || return 1;
+	system($CB_SCRIPT, "init") || return 1;

 	# partitioning, config and initial cryptsetup
 	# TODO: define the name of the crypto container
@ -295,25 +330,26 @@ sub box_init
 	close(PW_INPUT);

 	# set administration password
-	system("$CB_SCRIPT", "set_config", "admin_pw", "$admin_pw");
+	$admin_pw =~ m/^(.*)$/;
+	system($CB_SCRIPT, "set_config", "admin_pw", $1);
 }

 sub box_purge
 {
-	system("$CB_SCRIPT", "box-purge");
+	system($CB_SCRIPT, "box-purge");
 }

 sub system_poweroff
 {
 	&umount_vol() if (&check_mounted());
-	system("$CB_SCRIPT", "poweroff");
+	system($CB_SCRIPT, "poweroff");
 }


 sub system_reboot
 {
 	&umount_vol() if (&check_mounted());
-	system("$CB_SCRIPT", "reboot");
+	system($CB_SCRIPT, "reboot");
 }


@ -367,6 +403,7 @@ sub validate_doc_language


 $pagedata = load_hdf();
+my $current_admin_pw;

 # BEWARE: there are two kinds of actions:
 #     * some require a harddisk
@ -522,7 +559,7 @@ if ( ! &check_ssl()) {
 		}
 	#################### init_do ########################
 	} elsif ($action eq 'init_do') {
-		my $current_admin_pw = &get_admin_pw;
+		$current_admin_pw = &get_admin_pw;
 		if ($current_admin_pw ne '' && $current_admin_pw ne $query->param('current_admin_password')) {
 			$pagedata->setValue('Data.Warning', 'WrongAdminPassword');
 			$pagedata->setValue('Data.Action', 'form_init');
@ -566,7 +603,7 @@ if ( ! &check_ssl()) {
 			$pagedata->setValue('Data.Warning', 'NotInitialized');
 			$pagedata->setValue('Data.Action', 'form_init');
 		} else {
-			my $current_admin_pw = &get_admin_pw;
+			$current_admin_pw = &get_admin_pw;
 			if ($current_admin_pw ne '' && $current_admin_pw ne $query->param('current_admin_password')) {
 				$pagedata->setValue('Data.Warning', 'WrongAdminPassword');
 				$pagedata->setValue('Data.Action', 'form_config');
@ -580,16 +617,16 @@ if ( ! &check_ssl()) {
 				$pagedata->setValue('Data.Warning', 'InvalidTimeOut');
 				$pagedata->setValue('Data.Action', 'form_config');
 			} else {
-				system("$CB_SCRIPT", "set_config", "language", $query->param('language'));
+				system($CB_SCRIPT, "set_config", "language", $query->param('language'));
 				&load_selected_language($pagedata);
-				system("$CB_SCRIPT", "set_config", "timeout", $query->param('timeout'));
+				system($CB_SCRIPT, "set_config", "timeout", $query->param('timeout'));
 				# check, if the ip was reconfigured
-				if ($query->param('ip') ne `$CB_SCRIPT get_config ip`)
+				if ($query->param('ip') ne &exec_cb_script("get_config","ip"))
 				{
 					# set the new value
-					system("$CB_SCRIPT", "set_config", "ip", $query->param('ip'));
+					system($CB_SCRIPT, "set_config", "ip", $query->param('ip'));
 					# reconfigure the network interface
-					system("$CB_SCRIPT", "update_ip_address");
+					system($CB_SCRIPT, "update_ip_address");
 					# redirect to the new address
 					$pagedata->setValue('Data.Redirect.URL', "https://" . $query->param('ip') . $ENV{'SCRIPT_NAME'});
 					$pagedata->setValue('Data.Redirect.Delay', "5");
@ -597,11 +634,11 @@ if ( ! &check_ssl()) {
 					$pagedata->setValue('Data.Warning', 'IPAddressChanged');
 				}
 				# check for success
-				if (`$CB_SCRIPT get_config timeout` ne $query->param('timeout')) {
+				if (&exec_cb_script("get_config","timeout") ne $query->param('timeout')) {
 					$pagedata->setValue('Data.Warning', 'ConfigTimeOutFailed');
-				} elsif (`$CB_SCRIPT get_config ip` ne $query->param('ip')) {
+				} elsif (&exec_cb_script("get_config","ip") ne $query->param('ip')) {
 					$pagedata->setValue('Data.Warning', 'ConfigIPFailed');
-				} elsif (`$CB_SCRIPT get_config language` ne $query->param('language')) {
+				} elsif (&exec_cb_script("get_config","language") ne $query->param('language')) {
 					$pagedata->setValue('Data.Warning', 'ConfigLanguageFailed');
 				} else {
 					$pagedata->setValue('Data.Success', 'ConfigSaved');
@ -630,7 +667,7 @@ if ( ! &check_ssl()) {
 	# if we find an existing config partition, then check the adminpw
 	} elsif ($action eq 'do_purge') {
 		if ( &check_config()) {
-			my $current_admin_pw = &get_admin_pw;
+			$current_admin_pw = &get_admin_pw;
 			if ($current_admin_pw ne '' && $current_admin_pw ne $query->param('current_admin_password')) {
 				$pagedata->setValue('Data.Warning', 'WrongAdminPassword');
 				$pagedata->setValue('Data.Action', 'form_config');
@ -673,13 +710,13 @@ $pagedata->setValue('Data.Status.IP', "$output");
 $output = &get_admin_pw();
 $pagedata->setValue('Data.Config.AdminPasswordIsSet', 1) if ($output ne '');

-$output = `$CB_SCRIPT diskinfo 2>&1 | sed 's#\$#<br/>#'`;
+$output = join ("<br/>", &exec_cb_script("diskinfo"));
 $pagedata->setValue('Data.PartitionInfo',"$output");

 # preset config settings for clearsilver
-$pagedata->setValue('Data.Config.IP', `$CB_SCRIPT get_config ip`);
-$pagedata->setValue('Data.Config.TimeOut', `$CB_SCRIPT get_config timeout`);
-$pagedata->setValue('Data.Config.Language', `$CB_SCRIPT get_config language`);
+$pagedata->setValue('Data.Config.IP', &exec_cb_script("get_config","ip"));
+$pagedata->setValue('Data.Config.TimeOut', &exec_cb_script("get_config","timeout"));
+$pagedata->setValue('Data.Config.Language', &exec_cb_script("get_config","language"));

 # read log and add html linebreaks
 $output = '';
--- a/bin/cryptobox_wrapper.c
+++ b/bin/cryptobox_wrapper.c
@ -0,0 +1,21 @@
+/* $Id$ */
+
+// define the location of your cryptobox.pl file in this header file
+#include "cryptobox_wrapper.h"
+
+#include <stdio.h>
+#include <unistd.h>
+
+/* C wrapper to allow cryptobox to run under a different uid */
+/* Copyright (C) 02006, senselab, All Rights Reserved */
+/* See the LICENSE file in this distribution for copyright information */
+
+int main(int argc, char *argv[]) {
+
+	// necessary for mount action of the root-script
+	setreuid(geteuid(), -1); 
+
+	argv[0] = EXEC_PATH;
+	execv(EXEC_PATH, argv); 
+
+}
--- a/bin/init-script.sh
+++ b/bin/init-script.sh
@ -0,0 +1,57 @@
+#!/bin/sh
+# 
+# runlevel script of the cryptobox package
+#
+# Copyright (c) 02006, senselab
+#
+# see LICENSE file in this package for details
+#
+
+# check if the cryptobox is installed
+[ -e "/usr/lib/cryptobox/cbox-manage.sh" ] || exit 0
+
+# read the default setting file, if it exists
+[ -e /etc/default/cryptobox ] && . /etc/default/cryptobox
+
+# startup switch defaults to zero (enabled)
+NO_START=${NO_START:-0}
+
+if [ "$NO_START" = "1" ]
+  then	[ $# -eq 0 ] && exit 0
+	[ "$1" = "status" ] && exit 1
+	[ "$1" = "stop" ] && exit 0
+	echo "CryptoBox is disabled by default"
+	exit 0
+ fi
+
+# set CONF_FILE to default value, if not configured in /etc/default/cryptobox
+CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf}
+
+# parse config file
+if [ -e "$CONF_FILE" ]
+  then	. "$CONF_FILE"
+  else	echo "[$(basename $0)] - configuration file ($CONF_FILE) not found!" >&2
+	exit 1
+ fi
+
+case "$1" in
+	start )
+		# nothing to be done
+		;;
+	stop )
+		# unmount all active containers
+		ls ~$CRYPTOBOX_USER/mnt/ | while read mnt_dir
+		  do	grep -q " ~$CRYPTOBOX_USER/mnt/$mnt_dir " /proc/mounts || continue
+		  	"$LIB_DIR/cbox-manage.sh" crypto-down "$mnt_dir"
+		 done 
+		;;
+	restart )
+		"$0" stop 
+		"$0" start
+		;
+	* )
+		echo "invalid action specified - try { start | stop | restart }" >&2
+		exit 1
+		;;
+ esac
+
--- a/conf-examples/cryptobox.conf
+++ b/conf-examples/cryptobox.conf
@ -4,7 +4,7 @@
 LANGUAGE=en
 NET_IFACE=eth0
 FILE_USER=cryptobox-data
-WEB_USER=www-data
+CRYPTOBOX_USER=cryptobox
 SCAN_DEVICES="sda"
 #SCAN_DEVICES="hda hdb hdc hdd hde hdf hdg scd sg sda sdb sdc sdd"

@ -20,19 +20,9 @@ STYLESHEET_URL=/cryptobox-misc/cryptobox.css
 LANGUAGE_DIR=/usr/share/cryptobox/lang
 DOC_DIR=/usr/share/doc/cryptobox/html
 CONFIG_DEFAULTS_DIR=/usr/share/cryptobox/defaults
-CONFIG_DIR=/var/lib/cryptobox/config
-MNT_PARENT=/var/lib/cryptobox/mnt

 # some files
-CB_SCRIPT=/usr/lib/cryptobox/cbox-manage.sh
-ROOT_PERM_SCRIPT=/usr/lib/cryptobox/cbox-root-actions.sh
-DEV_FEATURES_SCRIPT=/usr/lib/cryptobox/devel-features.sh
-FIREWALL_SCRIPT=/usr/lib/cryptobox/firewall.sh
-MAKE_CERT_SCRIPT=/usr/lib/cryptobox/make_stunnel_cert.sh
 LOG_FILE=/var/log/cryptobox.log
-CERT_FILE=/var/lib/cryptobox/config/stunnel.pem
-OPENSSL_CONF_FILE=/etc/cryptobox/ssl-cert.conf
-IDLE_COUNTER_FILE=/tmp/cbox-idle-counter
 CONFIG_MARKER=cryptobox.marker

 # crypto settings
@ -45,12 +35,5 @@ SFDISK=/sbin/sfdisk
 MKFS_DATA=/sbin/mkfs.ext3
 MKFS_CONFIG=/sbin/mkfs.ext2
 CRYPTSETUP=/sbin/cryptsetup
-IPTABLES=/sbin/iptables
 IFCONFIG=/sbin/ifconfig

-# firewall setings
-# do not use multiports (iptables) as the timeout-script depends on
-# single port rules
-# ssh is allowed too, but the server is not started automatically
-ALLOW_TCP_PORTS="22 80 139 443 445"
-ALLOW_UDP_PORTS="137 138"
--- a/conf-examples/defaults-cryptobox.conf
+++ b/conf-examples/defaults-cryptobox.conf
@ -10,17 +10,3 @@ NO_START=1
 # change the default configuration file if necessary
 #CONF_FILE=/etc/cryptobox/cryptobox.conf

-# should the cryptobox skip the network interface configuration?
-# "0" means skip (default) --- "1" causes the cryptobox to configure it
-SKIP_NETWORK_CONFIG=1
-
-# should the cryptobox set some firewall (iptables) rules?
-# if this is turned off, then you have to add the appropriate
-# rules manually (if you need the timeout feature of the cryptobox)
-# default is 0
-EXEC_FIREWALL_RULES=0
-
-# use stunnel for https support?
-# default is 0
-USE_STUNNEL=0
-
--- a/debian/conffiles
+++ b/debian/conffiles
@ -1,6 +1,2 @@
 /etc/cryptobox/cryptobox.conf
-/etc/cryptobox/ssl-cert.conf
-/etc/cryptobox/revision
 /etc/default/cryptobox
-/etc/cron.d/cryptobox
-/etc/init.d/cryptobox
--- a/debian/control
+++ b/debian/control
@ -2,7 +2,7 @@ Source: cryptobox
 Section: admin
 Priority: extra
 Maintainer: sense.lab <senselab@systemausfall.org>
-Build-Depends: debhelper (>>3.0.0), dpatch
+Build-Depends: debhelper (>>3.0.0), dpatch, gcc (>=2.95)
 Standards-Version: 3.6.2

 Package: cryptobox
--- a/debian/dirs
+++ b/debian/dirs
@ -1,2 +1,4 @@
 etc/cryptobox
-usr/share/cryptobox
+etc/default
+etc/init.d
+usr/lib/cgi-bin
--- a/debian/links
+++ b/debian/links
@ -0,0 +1 @@
+/usr/share/cryptobox/html	/var/www/cryptobox-misc
--- a/debian/postinst
+++ b/debian/postinst
@ -7,30 +7,40 @@
 CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf}

 # parse config file
-if [ -e "$CONF_FILE" ]
+if test -e "$CONF_FILE"
 	then	. "$CONF_FILE"
 			# create mount and config directories with appropriate permissions
-			[ ! -e "$MNT_PARENT" ] && mkdir -p "$MNT_PARENT"
-			[ ! -e "$CONFIG_DIR" ] && mkdir -p "$CONFIG_DIR" && \
-				chown "$WEB_USER" "$CONFIG_DIR" && chmod 700 "$CONFIG_DIR"
-			[ ! -e "$LOG_FILE" ] && touch "$LOG_FILE" && chown "$WEB_USER" "$LOG_FILE"
+			test ! -e "$LOG_FILE" && touch "$LOG_FILE" && chown "$CRYPTOBOX_USER" "$LOG_FILE"
  fi

+if getent passwd "$CRYPTOBOX_USER" &>/dev/null
+  then	# do nothing - the user already exists
+  		true
+  else	# create cryptobox user
+	echo "Creating new user '$CRYPTOBOX_USER' ..."
+	USER_HOME=/var/lib/cryptobox
+	adduser --system --group --home "$USER_HOME" cryptobox
+	# add the user to the group "plugdev" (necessary for pmount)
+	adduser cryptobox plugdev
+	cp -r "$CONFIG_DEFAULTS_DIR" "$USER_HOME/config"
+	mkdir "$USER_HOME/mnt"
+	chown -R ${CRYPTOBOX_USER}: "$USER_HOME"
+	# only members of the cryptobox group may access the user directory
+	chmod 750 "$USER_HOME"
+	# no one may look into the config directory (protect init passwords)
+	chmod 700 "$USER_HOME/config"
+ fi
+
+# set permissions for suid wrappers
+chown root:$CRYPTOBOX_USER "/usr/lib/cryptobox/cryptobox_root_wrapper"
+chmod 4750 "/usr/lib/cryptobox/cryptobox_root_wrapper"
+chown $CRYPTOBOX_USER: "/usr/lib/cgi-bin/cryptobox"
+chmod 6755 "/usr/lib/cgi-bin/cryptobox"

 # add the cryptobox startup script to /etc/rc?.d
-update-rc.d cryptobox defaults 98
+update-rc.d cryptobox defaults

 invoke-rc.d cryptobox restart

-if grep -q "cryptobox package.*HEADER" /etc/sudoers
-   then	true
-   else	echo "Adding a new (disabled) entry to /etc/sudoers"
-		cat >>/etc/sudoers <<-EOF
-		######### Automatically inserted by cryptobox package - do not remove - HEADER ######
-		# read /usr/share/doc/cryptobox/SECURITY carefully before enabling the following line
-		#www-data	ALL=NOPASSWD:/usr/lib/cryptobox/cbox-root-actions.sh
-		######### Automatically inserted by cryptobox package - do not remove - FOOTER ######
-		EOF
-  fi
-
 true
+
--- a/debian/postrm
+++ b/debian/postrm
@ -3,16 +3,11 @@
 # remove symlinks in /etc/rc?.d
 [ "$1" = "purge" ] && update-rc.d cryptobox remove

-if [ "$1" = "purge" ] && grep -q "cryptobox package.*HEADER" /etc/sudoers
-	then	echo "Removing entry from /etc/sudoers"
-			sed -i "/cryptobox package.*HEADER/,/cryptobox package.*FOOTER/d" /etc/sudoers
-			echo "Removing mount and config directories (/var/lib/cryptobox) ..."
-			rmdir /var/lib/cryptobox/mnt || echo "	mount directory not empty - skipped" >&2
-			mountpoint -q /var/lib/cryptobox/config || rm -rf /var/lib/cryptobox/config || \
-				echo "	failed to remove config directory - skipped" >&2
-			rmdir /var/lib/cryptobox || \
-				echo "	the cryptobox directory (/var/lib/cryptobox) has not been removed" >&2
-  fi
+if test "$1" = "purge" && getent passwd cryptobox &>/dev/null \
+	&& test "$(cd ~cryptobox;pwd)" = /var/lib/cryptobox 
+  then	echo "Removing user 'cryptobox' ..."
+	userdel -r cryptobox
+ fi

 # return without error
 true
--- a/debian/prerm
+++ b/debian/prerm
@ -1,5 +1,19 @@
 #!/bin/sh

+# read the default setting file, if it exists
+[ -e /etc/default/cryptobox ] && . /etc/default/cryptobox
+
+# set CONF_FILE to default value, if not configured in /etc/default/cryptobox
+CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf}
+
+# parse config file
+if test -e "$CONF_FILE"
+  then	. "$CONF_FILE"
+  else	echo "[$(basename $0)] - configuration file ($CONF_FILE) not found!" >&2
+	exit 1
+ fi
+
 invoke-rc.d cryptobox stop

 true
+
--- a/debian/rules
+++ b/debian/rules
@ -15,6 +15,7 @@ export DH_COMPAT=4
 # necessary for dpatch
 .NOTPARALLEL:

+DEB_BUILD_DIR=$(CURDIR)/debian/cryptobox

 configure: configure-stamp
 configure-stamp: patch
@ -27,7 +28,7 @@ build: build-stamp

 build-stamp: configure-stamp 
 	dh_testdir
-	# PUT SOMETHING HERE
+	$(MAKE) build PREFIX=/usr
 	touch build-stamp

 clean: clean-patched unpatch
@ -35,7 +36,7 @@ clean: clean-patched unpatch
 clean-patched:
 	dh_testdir
 	dh_testroot
-	# PUT SOMETHING HERE
+	$(MAKE) clean
 	rm -f build-stamp configure-stamp
 	dh_clean 

@ -53,8 +54,11 @@ install: build
 	dh_testroot
 	dh_clean -k 
 	dh_installdirs
-
-	# PUT SOMETHING HERE
+	$(MAKE) install PREFIX=$(DEB_BUILD_DIR)/usr
+	install -c -m 644 build_dir/etc/cryptobox.conf $(DEB_BUILD_DIR)/etc/cryptobox/
+	install -c -m 644 conf-examples/defaults-cryptobox.conf $(DEB_BUILD_DIR)/etc/default/cryptobox
+	install -c -m 755 bin/init-script.sh $(DEB_BUILD_DIR)/etc/init.d/cryptobox
+	install -c -m 755 bin/cryptobox_cgi_wrapper $(DEB_BUILD_DIR)/usr/lib/cgi-bin/cryptobox


 # Build architecture-independent files here.
--- a/doc/changelog
+++ b/doc/changelog
@ -0,0 +1,28 @@
+Version 0.3 - 01/??/02006
+ * uses cryptsetup-luks instead of cryptsetup
+ * bugfix: add /dev/hdd to device scan
+ * support for usb, scsi and firewire cdrom drive
+ * seperated cryptobox package
+
+Version 0.2.1 - 10/22/02005
+ * fixed a critical bug in the initialisation process
+ * default cipher changed to "aes-cbc-essiv:sha256" (more secure)
+ * the boot menue (grub) is now protected
+ * support for usb and firewire harddisks
+ * new kernel: Linux 2.6.12.6
+ * minor language improvements
+
+Version 0.2 - 10/04/02005
+ * first public release
+ * fully configurable via web interface
+ * AES encryption via device-mapper
+ * Samba v3.0.14a-3
+ * Linux 2.6.11
+ * based on Debian GNU/Linux 3.1
+ * documentation languages:
+   * English
+   * German 
+ * interface languages:
+   * English
+   * German
+   * Slovenian 
--- a/doc/changelog.Debian.gz
+++ b/doc/changelog.Debian.gz
--- a/doc/changelog.gz
+++ b/doc/changelog.gz
				`@ -0,0 +1 @@`
				`/usr/share/cryptobox/html /var/www/cryptobox-misc`