[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-
|
From: |
Ken Hornstein |
|
Subject: |
Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7 |
|
Date: |
Sun, 14 Jan 2018 20:57:35 -0500 |
Everyone,
I'm wondering if this is the correct approach.
It seems kind of fragile to me to try quoting these characters, assuming
we are passing the entire line for mhshow entries to /bin/sh -c, since
we don't have any idea what that command line looks like (although ...
I don't think I really understand why Steven is using %{name}, but, I
guess it doesn't matter). I really think to be safe we should simply
replace any shell metacharacters for those things, because I can imagine
some nasty security holes that we might encounter.
--Ken
- Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, (continued)
- Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Steven Winikoff, 2018/01/21
- Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Paul Vixie, 2018/01/14
- Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, David Levine, 2018/01/14
- Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Ken Hornstein, 2018/01/15
- Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Paul Vixie, 2018/01/15
- Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Tom Lane, 2018/01/15
- Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7,
Ken Hornstein <=
- Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Steven Winikoff, 2018/01/14
- Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Ken Hornstein, 2018/01/14
- Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Paul Vixie, 2018/01/15
- Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, David Levine, 2018/01/15
- Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Ken Hornstein, 2018/01/15
- Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, David Levine, 2018/01/15
- Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Paul Vixie, 2018/01/15
- Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Ken Hornstein, 2018/01/15
- Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Steven Winikoff, 2018/01/15
- Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Paul Vixie, 2018/01/15