[ On Mon, March 10, 1997 at 09:37:34 (+0000), Philip Hazel wrote: ]
> Subject: Re: pipe problem
>
> Wait a minute. I think I am being stupid. If they are not subject to
> string expansion, then they can't be messed up by the insertion of meta
> characters, can they? So specifying a shell for conventional .forward
> files doesn't have this problem.
There you go! The only thing you can do for '|' (and '/') addresses in
~/.forward files is be very careful with making sure you're running as
the correct user before you do the delivery. To that end I still
strongly recommend getting all forms of seteuid() and friends out of the
code (and using fork() for what it was designed for). Older versions of
Smail *have* been compromised because of seteuid (on Solaris for one)....
> Pipe commands specified as part of a filter file *are* expanded, and
> these could indeed make use of a quoting operator. However, the users
> would have to be educated to make use of it because it is something that
> is easily overlooked.
some kind of configuration checking tool that puts out sensible warning
when it sees obvious things like this could help, but of course the many
fools born once per minute can always out-smart the best hand-holding
software.
> Anyway, I have added to the Exim wish-list and option to use a shell for
> the pipe director and reinforced the item that was already there about
> providing a shell-quoting operator.
Good go! I'm getting ever closer to wanting to convert to exim, and now
mention it every time somone asks me about which mailer to run! ;-)
--
Greg A. Woods
+1 416 443-1734 VE3TCP robohack!woods
Planix, Inc. <woods@???>; Secrets of the Weird <woods@???>
