Bugtraq mailing list archives
Re: procmail
From: repayne () jeeves net (Rob Payne)
Date: Wed, 7 Aug 1996 08:56:47 -0500
On Tue, 6 Aug 1996 17:58:29, James Wang <ming () math uh edu> previously said:
On Tue, 6 Aug 1996, Neil Soveran-Charley wrote:I'm sure procmail MUST have some security feature to disallow this sort of thing? But I could be wrong, and haven't checked the manual pages yet.No. Since there is no way for procmail to know before hand what kind of program that you might use.
One way around this would be to have a 'secure bin directory' like that of smrsh and have procmail's use of programs to only that directory. -rob
Current thread:
- Re: procmail Dennis Simpson (Aug 06)
- Re: procmail Jason S Kohles (Aug 07)
- Re: procmail Neil Soveran-Charley (Aug 07)
- Re: procmail Neil Soveran-Charley (Aug 07)
- Procmail, et al... Aleph One (Aug 07)
- <Possible follow-ups>
- Re: procmail Ken Robson (Aug 07)
- Re: procmail Rob Payne (Aug 07)
- Re: procmail Jason S Kohles (Aug 07)