Re: MHonArc and taint checking

1996-10-12 18:43:35
"RF" == Rune Frøysa <runefr(_at_)ifi(_dot_)uio(_dot_)no> writes:

[Quoting me]
Couldn't you just use a wrapper instead?

RF> Incoming mail is collected by a process running as nobody. When storing
RF> the mail on the www server, the articles are stored in a directory
RF> which should only be writeable by the www group.

OK, but none of this precludes using a wrapper.

RF> Under SunOS 4.x I used the setgid(getegid()); trick on the wrapper to
RF> prevent perl from doing taint checking, but this does not work under
RF> Solaris.

Then find a wrapper that does.  Try the current beta of Majordomo in and grab the wrapper from there.  It does some
setting of the environment which is unnecessary but it's secure and you can
edit out what you don't need.  (I recommend the beta because the code for
the wrapper is slightly cleaner than that of older versions.)
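
A sketch of the kind of wrapper discussed in this message, as an added example; it is not code from this thread and not Majordomo's wrapper. The `TARGET` path, the `PATH` value and the allow-list of kept variables are assumptions, as is the use of `setregid()` to set both the real and the effective group ID.

```c
#define _XOPEN_SOURCE 700
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

#define TARGET "/usr/local/lib/archive/store-article"  /* hypothetical script path */

/* Perl enables taint checks on its own when real and effective IDs differ. */
int ids_differ(uid_t ruid, uid_t euid, gid_t rgid, gid_t egid)
{
    return ruid != euid || rgid != egid;
}

/* Variables allowed through from the caller (assumed allow-list). */
static const char *const KEEP[] = { "TZ=", "LANG=", NULL };

/* Build a fresh environment: fixed PATH and IFS first, then allow-listed
 * entries copied from src. Returns the entry count; cap must be >= 3. */
int build_clean_env(char *const src[], char *dst[], int cap)
{
    int n = 0;
    dst[n++] = "PATH=/usr/bin:/bin";
    dst[n++] = "IFS= \t\n";
    for (int i = 0; src && src[i]; i++)
        for (int k = 0; KEEP[k]; k++)
            if (strncmp(src[i], KEEP[k], strlen(KEEP[k])) == 0 && n < cap - 1)
                dst[n++] = src[i];
    dst[n] = NULL;
    return n;
}

int main(int argc, char *argv[], char *envp[])
{
    char *clean[16];
    gid_t egid = getegid();          /* group of the setgid wrapper binary */
    (void)argc;

    /* Make the real gid match the effective gid before handing over. */
    if (setregid(egid, egid) != 0) { perror("setregid"); return 1; }
    if (ids_differ(getuid(), geteuid(), getgid(), getegid())) {
        fprintf(stderr, "wrapper: IDs still differ, refusing to run\n");
        return 1;
    }
    build_clean_env(envp, clean, 16);
    execve(TARGET, argv, clean);     /* returns only on failure */
    perror("execve");
    return 127;
}
```

Because the script then runs without taint checking, the hard-coded target and the rebuilt environment are what keep caller-controlled values such as `PATH` or `LD_PRELOAD` from reaching it.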
