Discussion forum about ELOG, Page 424 of 808
ID | Date | Icon | Author | Author Email | Category | OS | ELOG Version | Subject
66921 | Wed Oct 27 23:43:37 2010 | Question | Morion Black | morion.estariol@gmail.com | Question | Other | 2.8.0 | Can anyone help compile ELog 2.8.0 on SunOS 5.11?

I have a server with SunOS 5.11:

uname -a
SunOS *** 5.11 snv_134 i86pc i386 i86pc

When I try to compile ELog I get an error:

gmake
gcc  -DHAVE_SSL -w -c -o crypt.o src/crypt.c
gcc  -DHAVE_SSL -I../mxml -o elog src/elog.c crypt.o -lsocket -lnsl -lssl
Undefined                       first referenced
 symbol                             in file
MAX                                 crypt.o
MIN                                 crypt.o
mempcpy                             crypt.o
_ast_strtoul                        crypt.o
_ast_realloc                        crypt.o
ld: fatal: symbol referencing errors. No output written to elog
collect2: ld returned 1 exit status
gmake: *** [elog] Error 1

Can anyone help to compile Elog?

351 | Thu May 22 21:36:54 2003 | Warning | Roberto Morelli | morelli@es.net | Bug report | | | bug in cfg file
Hello Folks,

Found an interesting problem with 2.3.7 under redhat 9.0 linux.

When you take the elogd.cfg file and the menu commands = <list> and guest 
menu commands = <list>, the config menu for edit the elogd.cfg stops 
working, yet if I change the URL manually, I can still get to the file and 
the menus do not change.  If I delete all menu commands, then all works 
without errors, yet the menus do not match default.

Also, the self registration function equal to 3 does not always send email.

Cheers,
Roberto
69285 | Thu Dec 31 18:35:19 2020 | Reply | prinnydood | moltensolderlabs@pm.me | Bug report | Linux | 3.1.3 | Re: Path disclosure on unfound file

I can confirm this issue exists on version 3.1.3, which I have installed on Debian 10.

The issue also exists on version 3.14 (1.20190113git283534d97d5a.el7), which I tested on an AmazonLinux EC2 instance.

This is what I found:

1. If I leave out the extension at the end of the URL for a non-existent page, it gives me the red error box. So far so good... Example: /gibberish

2. If I include any random extension at the end of the URL for a non-existent page, it gives me the red error box. So far so good... Example: /gibberish.php or /gibberish.htm or /gibberish.asdfasd

3. If I include any .html extension specifically at the end of the URL for a non-existent page, elog exposes the path /usr/share/elog/themes/default/gibberish.html. This is a bug... Example: /gibberish.html exposes the path, and likewise, /.gibberish.html ("dot" + gibberish) exposes the path

4. If I include a valid, existent .html file which is located in the directory /usr/share/elog/themes/default/, and call it, elog exposes the html document. Example: I created an html file called gibberish.html (containing <html><body><p>Hello world</p></body></html>) in my system's /usr/share/elog/themes/default/ directory. After navigating back to the /gibberish.html URL, I was presented with the HTML file.

Turning on -v (verbose mode), the responses from elogd when accessing these are: "GET /elog/gibberish.html HTTP/1.0 Returned 605 bytes" (displays "Hello world" html file), and "GET /elog/gibberish.asdfasd HTTP/1.0 Returned 605 bytes" (displays red error box).

=====

My guess: the program seems to care about the files ONLY if they have an html file extension. Please see the screenshots below.

====

What are the security implications? Not much, I think. From what I can tell, exposing the "/usr/share/themes/elog" path, and also exposing the elog version when the file does not exist. Hope this reply helps anyone else with the same question.

(I am sure the error exposing the version can be removed by editing the source code--this is probably beyond my capabilities at this point).

Attachment 1: no_extension.png
Attachment 2: nonexistent_html.png
Attachment 3: random_extension.png
Attachment 4: valid_html_file_with_html_extension.png
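
A self-check an administrator can run against their own ELOG server for the behaviour reported above, as an added example that is not part of the original post or of ELOG: it requests the probe names from the post and flags absolute filesystem paths and version banners in the reply. The regular expressions, function names and sample bodies are assumptions constructed for illustration; ELOG's real error markup may differ.

```python
import re
import urllib.error
import urllib.parse
import urllib.request

# Probe names from the post: no extension, random extension, .html
PROBES = ["gibberish", "gibberish.asdfasd", "gibberish.html"]

# Assumed patterns: an absolute Unix path, and a banner like "ELOG V3.1.3"
ABS_PATH = re.compile(r"(?<![\w/.:])/(?:[\w.+-]+/)+[\w.+-]+")
VERSION = re.compile(r"\bELOG\s+V\d+(?:\.\d+)+[\w-]*")
# Constructed sample bodies modelled on the post, not captured output
SAMPLE_LEAK = ('<td class="errormsg">Cannot open '
               '/usr/share/elog/themes/default/gibberish.html</td>'
               '<center>ELOG V3.1.3</center>')
SAMPLE_CLEAN = '<td class="errormsg">Page /elog/gibberish.asdfasd not found</td>'


def audit_body(url_path, body):
    """Return sorted (kind, value) findings for one response body."""
    name = url_path.rsplit("/", 1)[-1]
    found = set()
    for match in ABS_PATH.finditer(body):
        path = match.group(0)
        # An error page may echo the requested URL; only a different absolute
        # path ending in the requested file name is a server-side location.
        if path.endswith("/" + name) and not url_path.endswith(path):
            found.add(("path", path))
    for match in VERSION.finditer(body):
        found.add(("version", match.group(0)))
    return sorted(found)


def audit_server(base_url, timeout=5):
    """Request each probe from your own ELOG server and audit the reply."""
    report = {}
    for name in PROBES:
        url = base_url.rstrip("/") + "/" + name
        try:
            with urllib.request.urlopen(url, timeout=timeout) as resp:
                body = resp.read().decode("utf-8", "replace")
        except urllib.error.HTTPError as err:  # error statuses carry a body too
            body = err.read().decode("utf-8", "replace")
        report[name] = audit_body(urllib.parse.urlsplit(url).path, body)
    return report


if __name__ == "__main__":
    print(audit_body("/elog/gibberish.html", SAMPLE_LEAK))
```

An empty finding list for every probe means the error page no longer reveals the theme directory or the version; rerun it after changing the server or placing a reverse proxy in front of it.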
682 | Fri Sep 3 20:17:12 2004 | Question | Bryan Moffit | moffit@jlab.org | | Linux | 2.5.4 | PostScript Files shown as text.
At some point, in the last week or so, I upgraded the debian-unstable
version (r1459-1) of elog.  Now, PostScript files (as attachments) are
displayed (shown in ascii text, instead of just showing the link).  

Is there an option in the elog.cfg to only display certain files (like .gif
or .jpg).
683 | Fri Sep 3 20:17:20 2004 | Question | Bryan Moffit | moffit@jlab.org | | Linux | 2.5.4 | PostScript Files shown as text.
At some point, in the last week or so, I upgraded the debian-unstable
version (r1459-1) of elog.  Now, PostScript files (as attachments) are
displayed (shown in ascii text, instead of just showing the link).  

Is there an option in the elog.cfg to only display certain files (like .gif
or .jpg).
684 | Fri Sep 3 20:17:35 2004 | Question | Bryan Moffit | moffit@jlab.org | Question | Linux | 2.5.4 | PostScript Files shown as text.
At some point, in the last week or so, I upgraded the debian-unstable
version (r1459-1) of elog.  Now, PostScript files (as attachments) are
displayed (shown in ascii text, instead of just showing the link).  

Is there an option in the elog.cfg to only display certain files (like .gif
or .jpg).
66867 | Wed Jul 28 17:21:31 2010 | Question | Bryan Moffit | moffit@jlab.org | Question | Linux | 2.7.8-2278 | Disable forward/backward navigation keystrokes?

I wondered if there was a config line that enabled/disabled the forward and backward navigation keystrokes that were implemented in 2.7.0?

The current definitions (Control-PgUp/PgDown/Home/End) interfere with those keys I use to navigate between tabs in Firefox.  It'd be nice if they could either be turned off.. or redefined.

66869 | Wed Jul 28 17:32:15 2010 | Reply | Bryan Moffit | moffit@jlab.org | Question | Linux | 2.7.8-2278 | Re: Disable forward/backward navigation keystrokes?

Stefan Ritt wrote:

Bryan Moffit wrote:

I wondered if there was a config line that enabled/disabled the forward and backward navigation keystrokes that were implemented in 2.7.0?

The current definitions (Control-PgUp/PgDown/Home/End) interfere with those keys I use to navigate between tabs in Firefox.  It'd be nice if they could either be turned off.. or redefined.

They are defined in

<ELOG directory>\scripts\elcode.js

Just go to the browse(evt) function and redefine or remove them there. 

 Got it to work as desired.

 

Thanks for your help and your quick response.

ELOG V3.1.5-3fb85fa6