Viewing all changes in revision 848.
- Committer: klm
- Date: 1998-07-23 22:51:29 UTC
- Revision ID: vcs-imports@canonical.com-19980723225129-bhwujn5p0pkrkc4e
do_child(): Take parameters via stdin lines, instead of command line
arguments, to avoid exposing addresses to shell.
Protocol:
line 1: batchnum
line 2: sender
line 3...n+2: n recipients
line n+3: <empty> - delimiting end of recipients
line n+4: message content
ContactTransport(): Similarly, pass parameters to contact_transport in
the same manner, via contact_transport process stdin.
This avoids both security problems (and address like `touch
/etc/passwd`, as someone on the developers list warned) and distortion
problems (shell metacharacters in addresses).
Additionally, instrumented both the main process and the child process
with a stderr logger, distinguishing the labels for the two so we can
tell them apart in the error logs.
arguments, to avoid exposing addresses to shell.
Protocol:
line 1: batchnum
line 2: sender
line 3...n+2: n recipients
line n+3: <empty> - delimiting end of recipients
line n+4: message content
ContactTransport(): Similarly, pass parameters to contact_transport in
the same manner, via contact_transport process stdin.
This avoids both security problems (and address like `touch
/etc/passwd`, as someone on the developers list warned) and distortion
problems (shell metacharacters in addresses).
Additionally, instrumented both the main process and the child process
with a stderr logger, distinguishing the labels for the two so we can
tell them apart in the error logs.
- files modified:
- mail/deliver
expand all
collapse all
added
removed
