nmh-workers

Re: [Nmh-workers] tmp file cleanup

2014-01-19 16:52:50
It looks like this might have been added just 4 years ago.
Otherwise, I'd be reluctant to remove it.  Earl?

The only place I've seen $TMP referenced is on Windows.  We really shouldn't 
proliferate this to UNIX when the convention since the dawn of time has been 
$TMPDIR.

This is a security breach waiting to happen.  For tempfiles you should
always be specifying an absolute path.  This isn't just an MH issue.

Alright, how about if we adios() if MHTMPDIR contains any ".." ?

I'm still uneasy about relative paths, but I don't have the time right now to 
test an explicit exploit scenario.  The '..' test should be there regardless, 
though.  And I wonder if there aren't other places we should disallow it.

--lyndon
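
The check discussed in this message (require an absolute path and refuse any ".." in MHTMPDIR), written out as an added example; it is not nmh code and not from anyone in the thread. The function names and status codes are hypothetical, and the code returns a status instead of calling adios().

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>

/* Hypothetical result codes for this example. */
enum tmpdir_status { TMPDIR_OK = 0, TMPDIR_EMPTY, TMPDIR_RELATIVE,
                     TMPDIR_DOTDOT, TMPDIR_NOT_DIR };

/* String-level checks: absolute path, and no ".." path component.
 * Whole components are compared, so "/var/tmp/a..b" is accepted while
 * "/var/tmp/../etc" and "/var/tmp/.." are rejected. */
enum tmpdir_status check_tmpdir_string(const char *dir)
{
    if (dir == NULL || *dir == '\0') return TMPDIR_EMPTY;
    if (dir[0] != '/') return TMPDIR_RELATIVE;

    const char *p = dir;
    while (*p != '\0') {
        while (*p == '/') p++;              /* skip separators */
        size_t len = strcspn(p, "/");       /* length of this component */
        if (len == 2 && p[0] == '.' && p[1] == '.') return TMPDIR_DOTDOT;
        p += len;
    }
    return TMPDIR_OK;
}

/* Adds a filesystem check: the value must name an existing directory. */
enum tmpdir_status check_tmpdir(const char *dir)
{
    enum tmpdir_status s = check_tmpdir_string(dir);
    if (s != TMPDIR_OK) return s;

    struct stat st;
    if (stat(dir, &st) != 0 || !S_ISDIR(st.st_mode)) return TMPDIR_NOT_DIR;
    return TMPDIR_OK;
}

int main(void)
{
    /* Falls back to a constructed sample value when MHTMPDIR is unset. */
    const char *dir = getenv("MHTMPDIR");
    if (dir == NULL) dir = "/var/tmp/../etc";
    enum tmpdir_status s = check_tmpdir(dir);
    printf("%s -> status %d\n", dir, (int)s);
    return s == TMPDIR_OK ? 0 : 1;
}
```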

