update documentation; get ready for a 2.3rc4 release

git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@634 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago · 08e54eead9
parent c4c88ccabb
commit 08e54eead9
6 changed files with 44 additions and 18 deletions
--- a/CHANGELOG.TXT
+++ b/CHANGELOG.TXT
@ -11,6 +11,16 @@
 # $Id$


+Version 2.3rc4 - 2009/04/18 - SVN r632
+--------------------------------------
+
+  - *Security fix* - on upgrade setup.php is restored; allowing a malicious
+    user to create their own superadmin account. We've removed the requirement to delete
+    setup.php, and instead a new config parameter (setup_password) is used to protect access
+    to this page. Password is encrypted, and setup.php can be used to generate the initial value.
+  - Fix undefined variables problem(s)
+  - Fix PostgreSQL date timestamp issues...
+ 
 Version 2.3rc3 - 2009/04/06 - SVN r611
 --------------------------------------

--- a/DOCUMENTS/UPGRADE.txt
+++ b/DOCUMENTS/UPGRADE.txt
@ -43,7 +43,7 @@ or
 Make sure that you are in your WWW directory and then unarchive the
 Postfix Admin archive (whatever the filename is):

-  $ tar -zxvf postfixadmin-2.2.tgz
+  $ tar -zxvf postfixadmin-X.X.tgz


 3. Change permissions
@ -66,28 +66,32 @@ relevant to your setup.
 Comparing config.inc.php with your previous using "diff" might save you some
 time.

+You can use a config.local.php file to contain your local settings - these will override any 
+defined in config.inc.php

-5. Perform appropriate database upgrades
+5. Run setup.php
 ----------------------------------------

+Access setup.php through a web browser.
+
+It will attempt to upgrade your database, and also allow you to create a superadmin user.
+
+From version 2.3, you need to specify a setup_password in config.inc.php - 
+setup.php should guide you through this process. If you do not have a setup_password, type one
+into the form, and setup.php will echo out the hashed value (which needs to go into config.inc.php).
+The setup_password removes the requirement for you to delete setup.php, and also closes a security hole.
+
 Since version 2.2 of Postfixadmin, setup.php can perform the needed database 
 updates automatically .

-Open setup.php in your browser to update your database scheme.
-
 If you update from 2.1 or older, also create a superadmin account using setup.php.

 Note that admin/ has been merged into the main directory. Login with the
 superadmin account to setup domains and domain admins.


-6. Delete setup.php
-------------------
-Delete setup.php - it allown non-authorized users to create a superadmin
-account!
-

-7. Done
+6. Done
 -------
 This is all that is needed. Fire up your browser and go to the site that you
 specified to host Postfix Admin.
--- a/INSTALL.TXT
+++ b/INSTALL.TXT
@ -104,13 +104,12 @@ You should see a list of 'OK' messages.
 The setup.php script will attempt to create the database structure 
 (or upgrade it if you're coming from a previous version). 

-Assuming everything is OK you can create the admin user using the form displayed.
+Assuming everything is OK you can specify a password (which you'll 
+need to use setup.php again in the future); when you submit the form, 
+the hashed value (which you need to enter into config.inc.php is echoed 
+out - with appropriate instructions on what to do with it).

-Once you submit the form, all that's left to do is to delete "setup.php"
-
-e.g.
-
-mv setup.php setup.php.disabled
+create the admin user using the form displayed.

 5. Use PostfixAdmin
 -------------------
@ -122,4 +121,7 @@ specified to host Postfix Admin.
 -------------------
 As of March 2007, PostfixAdmin moved to SourceForge.  For the
 forum posts and source updates, see:
+
 https://sourceforge.net/projects/postfixadmin
+
+There is also #postfixadmin on irc.freenode.net.
--- a/config.inc.php
+++ b/config.inc.php
@ -31,7 +31,9 @@ if (ereg ("config.inc.php", $_SERVER['PHP_SELF']))
 */
 $CONF['configured'] = false;

-// In order to setup Postfixadmin, you MUST change the password below.
+// In order to setup Postfixadmin, you MUST specify a hashed password here.
+// To create the hash, visit setup.php in a browser and type a password into the field,
+// on submission it will be echoed out to you as a hashed value.
 $CONF['setup_password'] = 'changeme';

 // Postfix Admin Path
--- a/debian/changelog
+++ b/debian/changelog
@ -1,3 +1,11 @@
+postfixadmin (2.3rc4) unstable; urgency=low
+
+  * Security fix for setup.php (issue occurs for those upgrading only; where 
+    it's possible for a new admin user to get created by nasty.person)
+  * SVN revision 632
+
+ -- David Goodwin <david.goodwin@palepurple.co.uk>  Sat, 18 Apr 2009 21:00:00 +0000
+
 postfixadmin (2.3rc3) unstable; urgency=low

  * Attempt at fixing Debian build issues (thanks to mez@sourceguru.net)
--- a/functions.inc.php
+++ b/functions.inc.php
@ -22,7 +22,7 @@ if (ereg ("functions.inc.php", $_SERVER['PHP_SELF']))
    exit;
 }

-$version = '2.3 rc3';
+$version = '2.3 rc4';

 /**
 * check_session