WebRFM version 0.4 (beta) - released December 18, 1999
========================================================
Added features:
1) WebRFM now has chgrp capability. It is available through
the same file properties sheet from which chmod capability
is provided. Administrators can disable the ability of users
to chgrp files through an appropriate $AllowChgrp variable.
2) WebRFM can now work with Perl 4 (tested with Perl 4.036
on Red Hat Linux 5.1). This yields a performance gain of
around 30% in comparison to the more bloated Perl 5.
However, operation with Perl 4 had not yet been thoroughly
tested, and so, if stability is important, it is recommended
to run the current version with Perl 5 (if available).
Bug fixes:
1) All previous versions of WebRFM had a bug that allowed
users to access files outside of their virtual root
directories. This would be hard to do by accident, or in
the course of regular usage, but a malicious would-be
cracker might be able to discover how to do that. This
problem is fixed now.
2) A few more minor bugs where fixed.
Changes and improvements:
1) WebRFM now detects if a user has the ability to change
file properties (mode and/or group) and it would provide
a form interface for changing properties only if those
properties can actually be changed by the user. For example,
if the user does not own a file, then the properties sheet
he gets for it would be completely static.
2) Some code cleanup. In particular, some code that was
intended to provide native support to Win32 platforms
had been removed. The plan to make WebRFM run natively
on Win32 had been canceled (for now, at least). In theory,
WebRFM should be able to run on Win32 machines by using
Cygwin32 (or some similar layer that emulates a UNIX-like
environment). This had not yet been tested, though.
WebRFM version 0.3b (beta) - released December 7, 1999
========================================================
This is the first feature-complete beta release of WebRFM.
Added features:
1) WebRFM now has chmod capability through an enhanced
properties sheet. Administrators can disable the ability
of users to chmod files through an appropriate $AllowChmod
variable. The properties sheet is accessed by clicking the
'Properties' button of the File Manager. It can also be
accessed independently, by appending the query string
'?properties' to the URL of a resource.
2) A user option to hide hidden files had been added
(like all user options in WebRFM, it can be forced by
the administrator).
3) There are now two, user selectable, different styles
for plain directory indexes. One is purely text based
(essentially the same as the one in the previous release)
and the other uses internal Netscape icons (works well
with Netscape, HotJava, StarOffice, but not with most
other browsers).
4) WebRFM now comes with two sample wrapper scripts that
can be used for logging. They are located in WebRFM's
'scripts' directory. While it is possible to use these
scripts as they are (for debugging or other purposes),
they are particularly intended as an example of how
the Perl 'eval()' function should be used in order to
trap and log errors from WebRFM. Please note that if
you just want to prevent WebRFM from filling your CGI
error-log with its messages, you should simply close
its STDERR by uncommenting the line
# close(STDERR);
at the beginning of the main script.
Bug fixes:
1) The wrfmwrap.c wrapper didn't compile on some commercial
UNIX variants, due to its use of the non-POSIX 'setenv'
function. The new version of the wrapper is POSIX-compliant,
and should work well on all unices.
2) Various additional minor bugs where fixed.
Changes and improvements:
Quite a lot of code changes where made. Most of them should
not have a notable effect on user experience, and they are
mostly geared towards making WebRFM a better code base for
creating customized variants. The most important change is
the addition of an internal access control engine. It works
through 6 functions (IsReadable*, IsWritable*, and
IsCreatable*, where * is either a file or a directory) that
are located in the upper portion of the main script and are
checked throughout WebRFM prior to performing any of the
corresponding operations. In the shipping state of WebRFM,
these functions are mostly just verifying the existing UNIX
permissions (although there may be some rare situations where
they would forbid things that where previously allowed) and
provide slightly improved error messages. The main purpose of
this mechanism, however, is to make it easy to add various
administrative restrictions to WebRFM. For example, it is now
very easy to restrict the depth of directory trees, the length
of filenames, the kind of file extensions, etc., that may
be created with WebRFM. One only needs to customize the
appropriate IsCreatable* function. This access control
engine should also make it easy to add file locking capability
in the future. There is also a new 'IsHidden()' function,
that can be customized to hide files based on arbitrary
criteria.
The MIME table that comes with WebRFM had been enhanced and
enlarged. It is now a superset of the default table that
comes with Apache 1.3.9.
Various mild changes where made to the File Manager. The most
notable is the addition of a '.' (current directory) entry.
WebRFM version 0.2a (alpha) - released July 10, 1999
======================================================
Added feature: WebRFM now has a "Plain Index" mode which
provides plain directory indexing. Easy switching between
"File Manager" mode and "Plain Index" mode is done through
links in the upper right corner. "Plain Index" mode can
make WebRFM behave more like a vanilla WebDAV server and
it can often be more convenient than the "File Manager"
for browsing directory trees and some other things.
Change: "Default Request Method" selection is now done
with a radio button.
Bug fixes:
1) Files that where uploaded (through the form-based interface)
from some WinDOS clients where being saved with bad filenames
(names that correspond to their full WinDOS pathname on the
client with the backward slashes removed). Fixed.
2) Added a workaround for buggy JavaScript implementations.
WebRFM should now work with some would be JavaScript browsers
that where previously causing problems.
3) Per-user MIME tables where not getting created before they
actually got used, resulting in an error message if a user
invoked "Options" before retrieving any files. They would now
also get transparently created when "Options" is invoked (and
they do not exist), so this problem should no longer occur.
4) Several more minor bugs where fixed. Most of them had the
potential of causing problems in some situations involving
filenames that contain special (non-alphanumeric) characters.
WebRFM version 0.1a (alpha) - released May 7, 1999
======================================================
First public release.
(
geocities.com/siliconvalley/horizon) (
geocities.com/siliconvalley)