Bugtraq mailing list archives

Re: procmail

From: repayne () jeeves net (Rob Payne)
Date: Wed, 7 Aug 1996 08:56:47 -0500


On Tue, 6 Aug 1996 17:58:29, James Wang <ming () math uh edu>  previously said:

On Tue, 6 Aug 1996, Neil Soveran-Charley wrote:

  I'm sure procmail MUST have some security feature to disallow this
sort of thing? But I could be wrong, and haven't checked the manual
pages yet.

        No.  Since there is no way for procmail to know before hand what
kind of program that you might use.


One way around this would be to have a 'secure bin directory' like that
of smrsh and have procmail's use of programs to only that directory.

                                                                -rob

Current thread:

Re: procmail Dennis Simpson (Aug 06)
- Re: procmail Jason S Kohles (Aug 07)
  - Re: procmail Neil Soveran-Charley (Aug 07)
- Re: procmail Neil Soveran-Charley (Aug 07)
- Procmail, et al... Aleph One (Aug 07)
- <Possible follow-ups>
- Re: procmail Ken Robson (Aug 07)
- Re: procmail Rob Payne (Aug 07)