Re: pipe problem

Top Page
Delete this message
Reply to this message
Author: patl
Date:  
To: Philip Hazel
CC: Pete Ashdown, exim-users
Subject: Re: pipe problem
> On Wed, 5 Mar 1997, Pete Ashdown wrote:
>
> > I realize the insecurity of /bin/sh, but I have local users who use the
> > procmail line:
> >
> > "|IFS=' ' && exec /usr/local/bin/procmail -f- || exit 75"
> >
> > I read through the archives and Philip essentially said "change the
> > procmail line". This isn't an option here.
>
> ...[elided]...
>
> Hmm. I guess I ought to implement an option on the pipe transport that
> says "use a shell", though I'm not too happy about that. How about an
> option that says "ignore this string at the start of the command"? Then
> you could make it ignore "IFS=' ' && exec". No, that won't help because
> of the "|| exit 75" on the end. Perhaps some kind of pattern match? Just
> thinking random thoughts here...
>
> Apart from the syntax and security problems, it is, of course, more
> efficient not to use a shell in general, as you save a fork() operation
> (unless you use exec, as above - many users piping to random scripts
> wouldn't think of that).
>
> ...[elided]...


How about an option that says 'use a shell if the line contains
any unquoted shell meta-chars' ? Better yet, only if the line
contained unquoted shell meta-chars BEFORE variable expansion.



-Pat