![[ICO]](/icons/blank.gif){kind=icon}
![[PARENTDIR]](/icons/back.gif){kind=icon}
![[ ]](/icons/tar.gif){kind=icon}
![[ ]](/icons/unknown.gif){kind=icon}
![[TXT]](/icons/text.gif){kind=icon}
Below is a small patch I've authored for the QuickPage daemon by Thomas Dwyer III.
The changes as outlined in the CHANGES file are:
Changes to QuickPage from v3.3 to v3.3.1-unleash ------------------------------------------------ Patch by Michael Fincham <michael@unleash.co.nz> - The new "-b" option has been added to specify a bind address for the qpage daemon. - The default user the daemon runs as is now "qpage" instead of "nobody". - To be honest, the -b option doesn't sanitise input very well so don't setuid root the qpage binary or anything dumb like that.
While I haven't identified any specific security issues in the code in many cases there's no point in having qpage listen on 0.0.0.0, so the new "-b" option allows for binding to e.g 127.0.0.1
As a bonus I've also included below a Debian init script to start qpage as a daemon listening on localhost. The package builds to a .deb cleanly with "checkinstall" both with and without the patch supplied here.
QuickPage is supplied under some arbitrary licence that I may not have entirely grokked, so if you feel like I'm violating some term of the licence do let me know.
| Name | Last modified | Size | Description |
|---|---|---|---|---|
| Parent Directory | - | ||
| qpage-3.3.tar | 2011-01-27 10:52 | 562K | |
| qpage-3.3.tar.gpg | 2011-01-27 10:59 | 165K | |
| qpage.init.d | 2011-01-27 10:58 | 3.9K | |
| qpage.init.d.gpg | 2011-01-27 10:59 | 2.0K | |
| qpage.patch | 2011-01-27 10:52 | 6.0K | |
| qpage.patch.gpg | 2011-01-27 10:59 | 2.5K | |