[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: lynx-dev Mailing from Lynx with Pine

From: David Woolley
Subject: Re: lynx-dev Mailing from Lynx with Pine
Date: Thu, 11 Apr 2002 08:18:34 +0100 (BST)

> Content-Transfer-Encoding: BASE64
> Content-Description: Patch for external support of mail program
> Content-Disposition: ATTACHMENT; FILENAME="mail.patch"

This patch looks like a security hole to me.  You seem to be inserting
uncontrolled text into a shell command using an interface that has
no meta-character protection (you are relying on < going through OK).

You also appear to have an unchecked buffer, sprintf is generally considered
a likely cause of a security breach, these days.  Probably more than half
the Microsoft critical updates recently have been to fix unchecked buffers.

Some other points:

- most Unix email programs given a file on standard input are unable
to read the console, so can only send it non-interactively;

- Pine appears to have made an inappropriate choice of MIME encoding for
this email; is it really that good a mailer?  (Also, I believe References
in email should exclude the In-Reply-To article.)

; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to address@hidden

reply via email to

[Prev in Thread] Current Thread [Next in Thread]