Re: [Exim] SMTP AUTH, relaying and MySQL

Página superior
Este mensaje es parte del siguiente hilo:
MEl árbol completo de hilos, ordenados por fecha
MRoger Hakansson, mensaje del <-
M 
Eliminar este mensaje
Responder a este mensaje
Autor: Tamas TEVESZ
Fecha:  
A: Roger Hakansson
Cc: exim-users
Asunto: Re: [Exim] SMTP AUTH, relaying and MySQL
On Thu, 18 Apr 2002, Roger Hakansson wrote:

> I'm kind of new to Exim, so this might be a supid question...
> Why?
> Is it to prevent the case where you have ' in your mailadress?

no. it is to prevent your sql server be 0wned when someone finds out
you're doing auth from sql, and starts sending funny stuff in the smtp
auth. remember, that definitely classifies as 'untrusted user input'
and as such should be sanitized as much as possible.


--
[-]



Este mensaje se envió a las siguientes listas de correo:
Exim-users
Información de la lista de correo | Mensajes cercanos		<-Re: [Exim] Need help on upgrading Exim 3.35 to Exim 4.03!Re: [Exim] Bug? domain literals on command-line->
Tahini and Hummus and Cumin Development Archives administrado por cumin AdminsLurker (versión 2.3)