Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-

Everyone,

I'm wondering if this is the correct approach.

It seems kind of fragile to me to try quoting these characters, assuming
we are passing the entire line for mhshow entries to /bin/sh -c, since
we don't have any idea what that command line looks like (although ...
I don't think I really understand why Steven is using %{name}, but, I
guess it doesn't matter).  I really think to be safe we should simply
replace any shell metacharacters for those things, because I can imagine
some nasty security holes that we might encounter.

--Ken

-- 
Nmh-workers
https://lists.nongnu.org/mailman/listinfo/nmh-workers

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, (continued) Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, David Levine Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Steven Winikoff Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, David Levine Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Steven Winikoff Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, David Levine Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Paul Vixie Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, David Levine Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Ken Hornstein Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Paul Vixie Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Tom Lane Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Ken Hornstein <= Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Steven Winikoff Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Ken Hornstein Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Paul Vixie Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, David Levine Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Ken Hornstein Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, David Levine Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Paul Vixie Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Ken Hornstein Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Steven Winikoff Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Paul Vixie

Previous by Date:	Re: [Nmh-workers] rcvdist with non-default port, Ken Hornstein
Next by Date:	Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Steven Winikoff
Previous by Thread:	Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Tom Lane
Next by Thread:	Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7, Steven Winikoff
Indexes:	[Date] [Thread] [Top] [All Lists]

Re: [Nmh-workers] proposed patch for shell metacharacter failure in nmh-1.7