Re: [Exim] SMTP AUTH, relaying and MySQL

Pàgina inicial
Aquest missatge és part del següent fil:
Ml'arbre de fils complet ordenat per data
MRoger Hakansson en <-
M 
Delete this message
Reply to this message
Autor: Tamas TEVESZ
Data:  
A: Roger Hakansson
CC: exim-users
Assumpte: Re: [Exim] SMTP AUTH, relaying and MySQL
On Thu, 18 Apr 2002, Roger Hakansson wrote:

> I'm kind of new to Exim, so this might be a supid question...
> Why?
> Is it to prevent the case where you have ' in your mailadress?

no. it is to prevent your sql server be 0wned when someone finds out
you're doing auth from sql, and starts sending funny stuff in the smtp
auth. remember, that definitely classifies as 'untrusted user input'
and as such should be sanitized as much as possible.


--
[-]



Aquest missatge es va enviar a les següents llistes de correu:
Exim-users
Informació sobre la llista de correu | Missatges propers		<-Re: [Exim] Need help on upgrading Exim 3.35 to Exim 4.03!Re: [Exim] Bug? domain literals on command-line->
Tahini and Hummus and Cumin Development Archives administrat per cumin AdminsLurker (versió 2.3)