Wearing my sys-admin hat, I've be far more comfortable with people
that really know what they are doing sanitize things within nmh (one
place), rather than having end users (who are not always fully aware
of various trojan techniques or concerned if they do know).
Agreed. I wouldn’t mind too much having to do it myself, but
this argument makes good sense.
Two points:
- I'm not sure the nmh authors are necessarily more qualified than anyone
else to decide what encompasses a "sanitized" filename.
- We don't do any sanitization now; if it looks "dodgy", we chuck it and
generate our own filename. Well, it's even slightly more confusing
than that. The exact steps are:
- Convert to the local character set, converting any unconvertable
characters to '_'.
- Reject filenames that start with a '/', '.', '!', '|' (I believe the
latter two are because of the way nmh overloads the "storeproc"
functionality") or any filename that contains a '%'.
So ... not exactly exhaustive, and a bit weird to match nmh implementation
details.
--Ken
_______________________________________________
Nmh-workers mailing list
Nmh-workers(_at_)nongnu(_dot_)org
https://lists.nongnu.org/mailman/listinfo/nmh-workers