Re: Don't want to replace IDA sendmail

Nathan Lawson (nlawson@statler.csc.calpoly.edu)
Thu, 18 May 1995 02:02:54 -0700 (PDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Yossi Gottlieb: "Re: Don't want to replace IDA sendmail"
Previous message: Pete Hartman: "ARG!"
In reply to: Pete Hartman: "ARG!"
Next in thread: Yossi Gottlieb: "Re: Don't want to replace IDA sendmail"

> So does anyone know exactly what the problem is?  The 8lgm report is
> (sadly) too vague to be of much use.  

I believe this advisory refers to newlines in the From part of a message.
By specifying sendmail -F, a user can supply a string as the From name for
a message.  This string could be any nasty sequence of characters and if the
mail was queued (i.e. the host was down), the next queue run would activate
the modified file.

> Could I maybe patch IDA so I don't
> have to worry about the port to V8 right now (I was going to get around to
> it, but haven't had and don't have the time....)?  

You could patch the input routines to only take alphanumeric and a small 
subset of punctuation characters as input.

-- 
Nathan Lawson     \    Never let your schooling interfere with your education.
CSL 490/News Admin \
(805)756-7180 @Work \  "The steady state of disks is full."  -- Ken Thompson
---------------------

Next message: Yossi Gottlieb: "Re: Don't want to replace IDA sendmail"
Previous message: Pete Hartman: "ARG!"
In reply to: Pete Hartman: "ARG!"
Next in thread: Yossi Gottlieb: "Re: Don't want to replace IDA sendmail"