Re: pipe problem

Top Page
Delete this message
Reply to this message
Author: David Blacka
Date:  
To: Philip Hazel
CC: Pete Ashdown, exim-users
Subject: Re: pipe problem
Philip> Hmm. I guess I ought to implement an option on the pipe
Philip> transport that says "use a shell", though I'm not too happy
Philip> about that. How about an option that says "ignore this string
Philip> at the start of the command"? Then you could make it ignore
Philip> "IFS=' ' && exec". No, that won't help because of the "||
Philip> exit 75" on the end. Perhaps some kind of pattern match? Just
Philip> thinking random thoughts here...

I would rather create another transport that mail adminstrators use
instead of the current pipe transport. A possible thought is to
create the equivalent of the sendmail "prog" mailer: a transport that
always runs <program + args> <pipe-expansion> (sorry if I don't have
the terminology right). <program + args> would be determined by a
transport option, defaulting to "sh -c". Making this both a separate
transport and making the program configurable will also allow people
to use something like "smrsh" (ugh) and also not force people to do
the extra fork.

Philip> Apart from the syntax and security problems, it is, of
Philip> course, more efficient not to use a shell in general, as you
Philip> save a fork() operation (unless you use exec, as above - many
Philip> users piping to random scripts wouldn't think of that).

You save the shell invocation, too.

Philip> The point about it not being a security issue because the
Philip> user can specify a shell anyway is true, but idea was that it
Philip> would avoid more accidents if those that wanted a shell had
Philip> to ask for it explicitly.

Well, what kind of accidents? Not that I don't think the current
mechanism is bad.

-- 
David Blacka              Software Engineer           Directory Services/
davidb@???          Network Solutions, Inc.  RWhois Development