[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Nmh-workers] Bug? mhstore Will Use Same File.
|
From: |
Valdis . Kletnieks |
|
Subject: |
Re: [Nmh-workers] Bug? mhstore Will Use Same File. |
|
Date: |
Wed, 24 Nov 2004 11:49:39 -0500 |
On Tue, 23 Nov 2004 20:55:04 PST, Bill Wohler said:
> In any event, quietly overwriting an existing file (especially if the
> file existed outside of the message already) should be prevented.
Also, if we're extending the functionality, we should include the following
checks:
1) Filter the pathname for .. and absolute pathnames - or possibly totally
ignore all path information and save the base filename in Mail/
2) Never automagically save a file with a name starting with '.'
(These are a security threat - I've heard of more than one person who's
gotten their machine hacked because somebody sent them an attachment
called '~/.rhosts' that contained a '+ +'. And before you say that's an
old worn-out trick, note that on modern Unixoids if you have an sshd running
there's often fun to be had by mailing a customized file and calling it
'foo/../../../home/<victim>/.ssh/authorized-keys' or something like that.. ;)
Hmm.. maybe forcing it to ~/Mail/Files/<suggested-name-if-doesnt-exist> and
prompting the user for *anything* else? And maybe a .mh_profile entry to
set the value of 'Files' if the user wants to rename the subdir?
pgpoecLDdYLqa.pgp
Description: PGP signature