Stephane Bortzmeyer had a caution for us:
| OK for this one, I just would like the original sender to understand that
| executing a command with a parameter from the outside can be *dangerous*.
| For instance:
|
| # WRONG. DO NOT USE IT!!!
| :0 h
| * ! ^X-Loop: your(_at_)host(_dot_)domain
| * ^Subject:.*whois \/.+
| | ( formail -r -A 'X-Loop: your(_at_)host(_dot_)domain' ; /pathToWhois/whois
$MATCH ) \
| | $SENDMAIL -oi -t
|
| This would be terrible when receiving:
|
| Subject: whois foobar ; rm -rf /
Absolutely! But precautions can be taken, such as restricting $MATCH to
characters legitimate in a hostname:
:0 h # period inside brackets is literal
* ! ^X-Loop: your(_at_)host\(_dot_)domain
* ^Subject:.*whois +\/[-_a-z0-9.]+
| ( formail -r -A 'X-Loop: your(_at_)host(_dot_)domain' ; /pathToWhois/whois
$MATCH ) \
| $SENDMAIL -oi -t
or at the very least, quotes around "$MATCH" to defuse semicolons:
:0 h
* ! ^X-Loop: your(_at_)host\(_dot_)domain
* ^Subject:.*whois \/.+
| ( formail -r -A 'X-Loop: your(_at_)host(_dot_)domain' ; \
/pathToWhois/whois "$MATCH" ) | $SENDMAIL -oi -t
As Stephane has warned us, one must be extremely careful in running commands
that are taken from incoming mail (or whose parameters are taken from incom-
ing mail).