sbox-dtc - CGI chroot wrapper script for safer hosting environment

Distribution: Ubuntu 16.04 LTS (Xenial Xerus)
Repository: Ubuntu Universe i386
Package name: sbox-dtc
Package version: 1.11.7
Package release: 1
Package architecture: i386
Package type: deb
Installed size: 898 B
Download size: 357.03 KB
Official Mirror:
Sbox is a CGI wrapper script that helps Web site hosting services to safely grant CGI authoring privileges to untrusted clients. In addition to changing the process privileges of client scripts to match their owners, it goes beyond other wrappers by placing configurable ceilings on script resource usage, avoiding unintentional (as well as intentional) denial of service attacks. It also optionally let the Webmaster to place client's CGI scripts in a chroot'ed shell restricted to the author's home directories. Thanks to a cleaver per-vhost configuration, SBOX is also capable of being highly customizable on a per web site level. SBOX also runs Ruby, Perl, Python and PHP script using their respective interpreter, with a configurable path for each of them.



    Source package: sbox-dtc

    Install Howto

    1. Update the package index:
      # sudo apt-get update
    2. Install sbox-dtc deb package:
      # sudo apt-get install sbox-dtc


    • /etc/logrotate.d/sbox-dtc
    • /etc/sbox/sbox.conf
    • /usr/lib/cgi-bin/sbox
    • /usr/share/doc/sbox-dtc/README.html
    • /usr/share/doc/sbox-dtc/README.txt.gz
    • /usr/share/doc/sbox-dtc/README.using_sbox.txt
    • /usr/share/doc/sbox-dtc/changelog.Debian.gz
    • /usr/share/doc/sbox-dtc/copyright
    • /usr/share/doc/sbox-dtc/
    • /usr/share/doc/sbox-dtc/examples/env.gz
    • /usr/share/lintian/overrides/sbox-dtc


    2013-12-04 - Thomas Goirand <> sbox-dtc (1.11.7-1) unstable; urgency=medium * Fixed homepage field (Closes: #655490). * Rotates sbox log daily, as it might stop working if the log file is bigger than the sbox setlimits(). * Switched debian/copyright to machine readable format 1.0. * Bumps Standards-Version to 3.9.3 (no change). * Using MAXPATHLEN instead of MAXPATH, so that it may build in hurd. * Using hardening flags. * Using debhelper and compat level 9.

    2011-09-12 - Thomas Goirand <> sbox-dtc (1.11.6-1) unstable; urgency=low * New upstream version: - Repairs the PATH_TRANSLATED and PATH_INFO variables in the case of a PATH_INFO environment variable being present. Now all PHP scripts should be working as expected. * Removed libdotconf1.0 dependency that is anyway managed by dh_shlibs. * Removed -M flag to useradd since it's crashing the postinst. * Using dh_prep instead of dh_clean -k.

    2011-09-04 - Thomas Goirand <> sbox-dtc (1.11.5-1) unstable; urgency=low * New upstream version: - Repairs the DOCUMENT_ROOT, SCRIPT_NAME and as a consequence PHP_SELF when doing a chroot.

    2011-07-12 - Thomas Goirand <> sbox-dtc (1.11.4-2) unstable; urgency=low * Using -r when doing groupadd / useradd (Closes: #633602). * Logrotate now recreating users with dtc / dtcgrp (Closes: #633603).

    2011-06-26 - Thomas Goirand <> sbox-dtc (1.11.4-1) unstable; urgency=low * Make sure that /etc/sbox/vhosts.d is owned by the webserver user and group. * debian/copyright is now using DEP5 format. * Updated watch file target URL.

    2011-06-24 - Thomas Goirand <> sbox-dtc (1.11.3-1) unstable; urgency=low * New upstream version with the following improvements: - Now using /etc/sbox/vhosts.d as a HTTP_HOST specific configuration folder (each vhost can have its specific configuration file with customization). - Removed the use of Apache envvars which aren't safe (easy to hack). - Each vhost can have a different interpreter for both Perl, PHP, Python or Ruby, thanks to new sbox directives. * Not modifying conf files in postinst (Closes: #607878). * Fix FTBFS with ld --as-needed (Closes: #606212). * Added few documentation files that were missing from packaging. * Creates the new /etc/sbox/vhosts.d folder. * Bumped Standard-Version to 3.9.2. * Removed now useless DM-Upload-Allowed field. * A better short and long description. * Added build-arch and build-indep rules. * Sets the debconf question priority to low.

    2010-12-10 - Thomas Goirand <> sbox-dtc (1.11.2-4) unstable; urgency=low * Fixed the postinst that was manipulating the wrong /etc/logrotate.d file (Closes: #606603).

    2010-12-06 - Thomas Goirand <> sbox-dtc (1.11.2-3) unstable; urgency=low * Uses useradd -M instead -m. eg: do not create home dir for the sbox-dtc user (Closes: #605980). * Deletes /etc/sbox.conf and /var/log/sbox.log in the postrm script when purging package. * Added a logrotate weekly script.

    2010-12-04 - Thomas Goirand <> sbox-dtc (1.11.2-2) unstable; urgency=low * Now using my @debian email address as maintainer. * Sets the SUID bit, chown sbox to root.root (Closse: #605868). * Added Danish debconf translation, thanks to Joe Dalton <> (Closes: #583972).

    2010-05-19 - Thomas Goirand <> sbox-dtc (1.11.2-1) unstable; urgency=low * Bumped Standard-Version * Changed correm into corre in the debian/po/pt.po as advised by the translator Américo Monteiro <>. * Updated Spanish debconf template, thanks to Francisco Javier Cuadrado <> (Closes: #561219). * Updated the watch file. * Added Vcs-Browser, Vcs-Git, Homepage and Dm-Upload-Allowed field. * Changed Priority from optional to extra.