Re: [Nmh-workers] I need help reading the mhstore man page

From: David Levine
Subject: Re: [Nmh-workers] I need help reading the mhstore man page
Date: Fri, 28 Feb 2014 19:45:33 -0500

> >The man page for mhstore recommends that, for the sake of security,
> >I not put the -auto switch in .mh_profile. Whatever the security
> >risk is, would it not also be present if I invoke mhstore with that
> >switch? But the man page does not seem to recommend against that.

Yes, they're equivalent.

Should we replace that recommendation with one that recommends
nmh-storage and/or a non-default -clobber setting with -auto?  mhstore
has the noted checks on the filename, and doesn't pass it or a
mhstore-store- string through the shell.  Is clobbering the only
security concern with -auto?

> -auto uses the filename that may be present in the MIME headers as the
> filename of the output file.  So, for example, if I were to send you a
> file named ".cshrc" (or .profile ... you get the idea), it could cause
> an issue if you didn't notice what it was doing.  Looking at it more
> closely ... you know, I think -clobber always is a terrible default.

I agree, but that default maintains backward compatibility.

> I combine -auto with nmh-storage: /tmp.  I think that's reasonable.

I use -auto -clobber ask.
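As an added illustration of the two concerns raised in this message (it is not nmh's code and does not reproduce mhstore's own filename checks, whose exact rules the thread does not spell out), the Python below refuses to let a MIME-supplied name such as ".cshrc" pick a path, and applies an overwrite policy before writing. The "always" and "ask" policies correspond to the -clobber values named above; the "never" policy, the character allow-list, and the function names are this example's own assumptions.

```python
"""Defensive handling of a MIME-supplied attachment filename.

Constructed illustration for the mhstore -auto / -clobber discussion.
It is not nmh's code and does not reproduce mhstore's actual checks.
Two concerns are modelled:
  1. the filename from a Content-Disposition header must not be trusted
     to choose a path (dotfiles, path separators, control bytes);
  2. an existing file must not be silently overwritten (clobber policy).
"""
import os
import re
import tempfile

# Conservative allow-list for a stored name (assumption of this example):
# printable ASCII letters, digits, '.', '_', '+', '-'; no spaces, no '/'.
_SAFE_NAME = re.compile(r"^[A-Za-z0-9._+-]+$")


def safe_attachment_name(header_name):
    """Return the header's filename if it is safe to use as a bare name, else None.

    Rejects empty names, anything containing a path separator or NUL,
    names starting with '.' (so ".cshrc", ".profile", "." and ".." are out),
    and names with characters outside the allow-list.
    """
    if not header_name:
        return None
    name = header_name.strip()
    if "/" in name or "\\" in name or "\x00" in name:
        return None
    if name.startswith("."):
        return None
    if not _SAFE_NAME.match(name):
        return None
    return name


def store_part(content, header_name, storage_dir, clobber="ask", ask=None):
    """Write content into storage_dir under a checked name.

    clobber: "always" -> overwrite an existing file (mhstore's default)
             "ask"    -> call ask(path); overwrite only if it returns True
             "never"  -> refuse when the file already exists
                         (constructed policy, not one of mhstore's settings)
    Returns the path written, or None if the part was not stored.
    """
    if clobber not in ("always", "ask", "never"):
        raise ValueError("unknown clobber policy: %r" % (clobber,))
    name = safe_attachment_name(header_name)
    if name is None:
        return None
    path = os.path.join(storage_dir, name)

    overwrite = clobber == "always"
    # lexists: a dangling symlink counts as "something is already there".
    if os.path.lexists(path):
        if clobber == "never":
            return None
        if clobber == "ask":
            if ask is None or not ask(path):
                return None
        overwrite = True

    # Without permission to overwrite, O_EXCL makes creation atomic: a file
    # that appears between the check and the open makes the call fail
    # instead of being clobbered. With permission, O_TRUNC overwrites
    # (and, as with any overwrite, follows an existing symlink).
    flags = os.O_WRONLY | os.O_CREAT | (os.O_TRUNC if overwrite else os.O_EXCL)
    try:
        fd = os.open(path, flags, 0o600)
    except FileExistsError:
        return None
    with os.fdopen(fd, "wb") as f:
        f.write(content)
    return path


def demo():
    """Run the checks against constructed inputs in a fresh temp directory."""
    d = tempfile.mkdtemp()
    report = os.path.join(d, "report.txt")
    results = {}
    results["dotfile"] = store_part(b"alias rm rm -i", ".cshrc", d)          # None
    results["path"] = store_part(b"x", "../../etc/passwd", d)                # None
    results["first"] = store_part(b"one", "report.txt", d) == report         # True
    results["ask_no"] = store_part(b"two", "report.txt", d, "ask",
                                   ask=lambda p: False)                     # None
    with open(report, "rb") as f:
        results["after_ask_no"] = f.read()                                   # b"one"
    results["never"] = store_part(b"two", "report.txt", d, "never")          # None
    results["always"] = store_part(b"three", "report.txt", d, "always") == report
    with open(report, "rb") as f:
        results["after_always"] = f.read()                                   # b"three"
    return results


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

With the default policy a file is never overwritten without the caller's explicit answer, which is the behaviour -clobber ask gives mhstore; -clobber always corresponds to the "always" branch and is exactly the case the thread argues is a poor default.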
