procmail

review this recipe for security holes, please

1997-09-10 11:19:34

Anyone see serious security holes in this? Assume most recent
procmail version.

        ARCHIVEDIR=/full/path/to/www/directory/

        :0
        #
        # From is not very secure, I know.
        *   ^From: (sender full name *<)?account@([a-z0-9]+\.)?site.tld\>
        #
        # This provides the bulk of keep-others-out security.
        *   ^Subject: agreed-upon-magic-phrase
        #
        # The idea is to catch only safe file names, and those may
        # not have a ".." in them. For simplicity don't allow them
        # to end with a "." either.
        * $ ^To:[^/]+\+\//([^$SHELLMETAS\$.]|[^.]\.[^.])+
        {
          FILE=$MATCH

          # Get the directory portion
          :0
          * FILE ?? ^^\/.*/
          { DIR=$ARCHIVEDIR/$MATCH }

          # Ensure it exists; the 'h' flag is probably not useful
          :0ihc
          * ? test ! -d $DIR
          | mkdir $DIR
          
          # Get a lock for the following two actions.
          LOCK=$ARCHIVEDIR/$MATCH.lock

          # Ensure the file does not exist; the 'h' flag...
          :0ihc
          | rm -f $ARCHIVEDIR/$MATCH

          # Save the (raw) body only in the file.
          :0br
          $ARCHIVEDIR/$MATCH

          # Release the lock
          LOCK
        }  

Elijah
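
An added example, not part of the original post: a hypothetical shell helper (`safe_archive_path` is an assumed name) that a recipe like this could call to validate the requested name against an allowlist before any `mkdir`, `rm` or delivery. It is stricter than the rule stated in the recipe's comments (no `..`, no trailing `.`), and the 200-character limit and sample paths are assumptions.

```shell
# Added example: hypothetical helper, not code from the posted recipe.
# Usage: safe_archive_path ARCHIVEDIR NAME
# Prints ARCHIVEDIR/NAME and returns 0 only if NAME passes every check.

# Force the C locale so A-Z, a-z and 0-9 are plain ASCII ranges.
LC_ALL=C; export LC_ALL

safe_archive_path() {
    base=${1%/}     # drop one trailing slash, as on the recipe's ARCHIVEDIR
    name=$2

    # Non-empty and bounded in length (the limit is an assumption).
    [ -n "$name" ] && [ "${#name}" -le 200 ] || return 1

    # Allowlist: reject anything outside letters, digits, ".", "_", "/", "-".
    # This also excludes whitespace, quotes and every glob character.
    case $name in
        *[!A-Za-z0-9._/-]*) return 1 ;;
    esac

    # Must be relative, with no empty component, no trailing slash
    # and no ".." anywhere (the rule stated in the recipe's comments).
    case $name in
        /*|*/|*//*|*..*) return 1 ;;
    esac

    # Per component: no leading "." (hidden files, "." itself),
    # no trailing ".", no leading "-" (would look like an option).
    old_ifs=$IFS
    IFS=/
    for part in $name; do
        case $part in
            .*|*.|-*) IFS=$old_ifs; return 1 ;;
        esac
    done
    IFS=$old_ifs

    printf '%s/%s\n' "$base" "$name"
}
```

Every expansion of the returned path in later commands still needs double quotes.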
