# These settings control Lynx's ability to execute various types of scripts.
# Local execution links and scripts are by default completely disabled, # unless a change is made to the userdefs.h file to enable them or # the configure script is used with the corresponding options # (--enable-exec-links and --enable-exec-scripts). # See the Lynx source code distribution and the userdefs.h # file for more detail on enabling execution links and scripts. # # If you have enabled execution links or scripts the following # two variables control Lynx's action when an execution link # or script is encountered. # # If LOCAL_EXECUTION_LINKS_ALWAYS_ON is set to TRUE any execution # link or script will be executed no matter where it came from. # This is EXTREMELY dangerous. Since Lynx can access files from # anywhere in the world, you may encounter links or scripts that # will cause damage or compromise the security of your system. # # If LOCAL_EXECUTION_LINKS_ON_BUT_NOT_REMOTE is set to TRUE only # links or scripts that reside on the local machine and are # referenced with a URL beginning with "file://localhost/" or meet # TRUSTED_EXEC or ALWAYS_TRUSTED_EXEC rules (see below) will be # executed. This is much less dangerous than enabling all execution # links, but can still be dangerous. # #LOCAL_EXECUTION_LINKS_ALWAYS_ON:FALSE #LOCAL_EXECUTION_LINKS_ON_BUT_NOT_REMOTE:FALSE LOCAL_EXECUTION_LINKS_ON_BUT_NOT_REMOTE:TRUE
# If LOCAL_EXECUTION_LINK_ON_BUT_NOT_REMOTE is TRUE, and no TRUSTED_EXEC # rule is defined, it defaults to "file://localhost/" and any lynxexec # or lynxprog command will be permitted if it was referenced from within # a document whose URL begins with that string. If you wish to restrict the # referencing URLs further, you can extend the string to include a trusted # path. You also can specify a trusted directory for http URLs, which will # then be treated as if they were local rather than remote. For example: # # TRUSTED_EXEC:file://localhost/trusted/ # TRUSTED_EXEC:http://www.wfbr.edu/trusted/ # # If you also wish to restrict the commands which can be executed, create # a series of rules with the path (Unix) or command name (VMS) following # the string, separated by a tab. For example: # # Unix: # ==== # TRUSTED_EXEC:file://localhost/<tab>/bin/cp # TRUSTED_EXEC:file://localhost/<tab>/bin/rm # VMS: # === # TRUSTED_EXEC:file://localhost/<tab>copy # TRUSTED_EXEC:file://localhost/<tab>delete # # Once you specify a TRUSTED_EXEC referencing string, the default is # replaced, and all the referencing strings you desire must be specified # as a series. Similarly, if you associate a command with the referencing # string, you must specify all of the allowable commands as a series of # TRUSTED_EXEC rules for that string. If you specify ALWAYS_TRUSTED_EXEC # rules below, you need not repeat them as TRUSTED_EXEC rules. # # If EXEC_LINKS and JUMPFILE have been defined, any lynxexec or lynxprog # URLs in that file will be permitted, regardless of other settings. If # you also set LOCAL_EXECUTION_LINKS_ON_BUT_NOT_REMOTE:TRUE and a single # TRUSTED_EXEC rule that will always fail (e.g., "none"), then *ONLY* the # lynxexec or lynxprog URLs in JUMPFILE (and any ALWAYS_TRUSTED_EXEC rules, # see below) will be allowed. Note, however, that if Lynx was compiled with # CAN_ANONYMOUS_JUMP set to FALSE (default is TRUE), or -restrictions=jump # is included with the -anonymous switch at run time, then users of an # anonymous account will not be able to access the jumps file or enter # 'j'ump shortcuts, and this selective execution feature will be overridden # as well (i.e., they will only be able to access lynxexec or lynxprog # URLs which meet any ALWAYS_TRUSTED_EXEC rules). # #TRUSTED_EXEC:none
# If EXEC_LINKS was defined, any lynxexec or lynxprog URL can be made # always enabled by an ALWAYS_TRUSTED_EXEC rule for it. This is useful for # anonymous accounts in which you have disabled execution links generally, # and may also have disabled jumps file links, but still want to allow # execution of particular utility scripts or programs. The format is # like that for TRUSTED_EXEC. For example: # # Unix: # ==== # ALWAYS_TRUSTED_EXEC:file://localhost/<tab>/usr/local/kinetic/bin/usertime # ALWAYS_TRUSTED_EXEC:http://www.more.net/<tab>/usr/local/kinetic/bin/who.sh # VMS: # === # ALWAYS_TRUSTED_EXEC:file://localhost/<tab>usertime # ALWAYS_TRUSTED_EXEC:http://www.more.net/<tab>show users # # The default ALWAYS_TRUSTED_EXEC rule is "none". # #ALWAYS_TRUSTED_EXEC:none
# Unix: # ===== # TRUSTED_LYNXCGI rules define the permitted sources and/or paths for # lynxcgi links (if LYNXCGI_LINKS is defined in userdefs.h). The format # is the same as for TRUSTED_EXEC rules (see above), but no defaults are # defined, i.e., if no TRUSTED_LYNXCGI rules are defined here, any source # and path for lynxcgi links will be permitted. Example rules: # # TRUSTED_LYNXCGI:file://localhost/ # TRUSTED_LYNXCGI:<tab>/usr/local/etc/httpd/cgi-bin/ # TRUSTED_LYNXCGI:file://localhost/<tab>/usr/local/www/cgi-bin/ # # VMS: # ==== # Do not define this. # #TRUSTED_LYNXCGI:none TRUSTED_LYNXCGI:file://localhost/
# Unix: # ===== # LYNXCGI_ENVIRONMENT adds the current value of the specified # environment variable to the list of environment variables passed on to the # lynxcgi script. Useful variables are HOME, USER, etc... If proxies # are in use, and the script invokes another copy of lynx (or a program like # wget) in a subsidiary role, it can be useful to add http_proxy and other # *_proxy variables. # # VMS: # ==== # Do not define this. # #LYNXCGI_ENVIRONMENT:
# Unix: # ===== # LYNXCGI_DOCUMENT_ROOT is the value of DOCUMENT_ROOT that will be passed # to lynxcgi scripts. If set and the URL has PATH_INFO data, then # PATH_TRANSLATED will also be generated. Examples: # LYNXCGI_DOCUMENT_ROOT:/usr/local/etc/httpd/htdocs # LYNXCGI_DOCUMENT_ROOT:/data/htdocs/ # # VMS: # ==== # Do not define this. # #LYNXCGI_DOCUMENT_ROOT:
Prev: Bibliographic Protocol (bibp scheme) || Next: Character sets