©1995–2012, Fairlight Consulting
PayPal: View Cart PayPal: Add Fairlight fP SysWrap to cart
fP SysWrap Documentation

Current Version: v01.00.00

Released: 10/20/11


Program Summary


fP SysWrap is designed to securely solve the problems regarding file ownerships and permissions between the filePro database application and third-party applications and programs.


Historically, filePro’s file security model is weak and insecure.  Even today, it’s vastly uneven.  Because filePro relies on running SUID, permissions and ownership conflicts abound when exchanging files back and forth between filePro itself and external applications called with the SYSTEM() function.  


This is especially true on Linux and FreeBSD systems using the bash shell, version 2 or higher.  The bash shell, as of version 2, drops all privileges.  Although filePro runs SUID as the user ‘filepro’, that means that if user ‘steve’ runs an external program via SYSTEM(), that program is run as ‘steve’, rather than as ‘filepro’, and any resultant files are owned by user ‘steve’.  Further, if the files created have secure modes like 0600, and are owned by ‘steve’, filePro cannot read the data it needs to get back from the external program.


The usual (and insecure) idiom is to use very loose permissions like 0777, 0666, etc.  Some developers jerry-rig chmod solutions which are less than perfectly executed, when they bother at all.


fP SysWrap changes all of that.  This program takes various arguments, including user, group, mode, and commands to be run, and ensures that the program is run under the desired user, and that the resultant file has the desired ownership and permissions before handing control back to filePro, where the data is picked up again.  Working in conjunction with sudo (or su, although that is less recommended), the wrapper ensures maximum security, while easing the task of getting data back into filePro without pain.


Supported Platforms


Currently supported platforms are:



Installation


Unpack the compressed tar archive into any directory you choose. A subdirectory named fpsyswrap-install will be created, and all required program files are present within this subdirectory.  Change directories into this directory, and execute the following command:  perl install.pl


You need to provide the location of your perl binary (usually /usr/bin/perl, unless you rolled your own), as well as a location to place the flsyswrap program itself (/usr/local/bin is recommended).


Configuration


The file /etc/fpsyswrap.conf will have been created by the installer.  This file contains one program path per line.  Any commands you wish the wrapper to be able to execute must be present in this file.  All paths must be absolute (start with a leading slash).  Any commands not present in this file will result in the wrapper exiting with an error stating that the command is not allowed to be executed.


Additionally, if you’re using sudo, you will need to edit /etc/sudoers by executing the command visudo.  While configuration of sudo is beyond the scope of this document (man sudoers and man sudo for more information), it should be noted that the wrapper must be run as root.  The sudo utility is the safest and easiest way to do this.  Since fP SysWrap is coded to only successfully and completely execute if run from inside [rd]clerk or [rd]report, it is actually safe to install the following rule in /etc/sudoers:


ALL     ALL = NOPASSWD: /usr/local/bin/fpsyswrap


Usage


[sudo|su] flsyswrap [options] -- command [command options]


Options



This option dictates what user will own the output file specified by the -o (--outfile) option.



This option dictates what user will own the output file specified by the -o (--outfile) option..



This option dictates the mode of the output file specified by the -o (--outfile) option.



This option denotes the output file you wish to affect ownership and permissions on (generally an output file resulting from the command you’re executing).  Additionally, if you place the magic cookie %o in the actual command, the output file path will be substituted into the command wherever it is found.



This option denotes an input file which you may be feeding to your command.  Additionally, if you place the magic cookie %i in the actual command, the input file path will be substituted into the command wherever it is found.  This particular argument is optional unless you plan to use the aforementioned magic cookie in your command, or plan to use the -r (--remove) option.



This option deletes the input file specified by the -i (--infile) option after the command has been executed.



This option lets you dictate what user should run the command.  You may specify any user you wish, except root.  That is a consciously designed security limitation.  If omitted, the command is run with the user from the -u (--user) option.



This option lets you dictate what group should be used to run the command.  You may specify any group you wish.  If omitted, the command is run with the group from the -g (--group) option.



Literally two hyphens strung together, this “option” tells the wrapper to ignore any recognised options further down the command line, and simply use them as part of the command.  If your command requires a -r, for instance, it would be taken as an argument to the wrapper if it came before the -- option, but it would be taken as an argument in your actual command to be executed by the wrapper if it comes after the -- option.  Use this double-hyphen option to start the command section of your command line.



This option returns the program version information.



This option returns the program changelog information.



This option returns the program help (a briefer summary of the options) in a self-paging fashion.


Changelog


v01.00.00 - 10/20/11


Original Release.


Copyright, License, Warranty, and Payment


This software remains the property of Fairlight Consulting, and license to use the program is sold to users. fP SysWrap is licensed at a cost of $150.00 USD per server on which it is installed. Each license fee entitles you to use fP SysWrap on one server, in any role you require.


Upon receipt of payment for a license, program will be delivered to the licensee via email at the email address associated with the PayPal payment.


Upgrades for the product are currently free when moving to new minor and major versions. Fairlight Consulting reserves the right to change this policy in the future, with no prior warning.


There is no warranty for this software. This software is offered "AS-IS" and without warranties as to performance or merchantability or any other warranties, whether expressed or implied.


Good computing practice dictates that any program should be thoroughly tested with non-critical data before deploying it for production. The user assumes the entire risk of using the program. In no event shall Fairlight Consulting be held liable for loss of data, failure of performance, or any other damages, be they real or perceived.