unofficial patch to smail 2.5

Jon Zeeff zeeff at b-tech.UUCP
Fri Apr 8 11:51:29 AEST 1988


In article <1313 at iscuva.ISCS.COM> davids at iscuva.ISCS.COM (David Schmidt) writes:
>Here is a small patch to smail 2.5 (comp.sources.unix, volume 11).
>It adds the ability to create aliases which will pipe the mail
>message into a program.
>

I'm sure this works fine, but it sure doesn't look secure.  Think 
about the uid and effective uid when the program is run?  What if it 
happens to be root that triggered uuxqt?  Can a offsite user cause any 
program to be executed by some random id by mailing to |program?  

I have a lmail replacement that will do you what you want in a much safer
manner.  

--Jon

-- 
Jon Zeeff           		Branch Technology,
uunet!umix!b-tech!zeeff  	zeeff%b-tech.uucp at umix.cc.umich.edu



More information about the Comp.sources.bugs mailing list