Xenix mail system
Clifford C. Skolnick
ccs at lazlo.UUCP
Wed Jan 18 16:44:43 AEST 1989
In article <417 at ispi.UUCP> jbayer at ispi.UUCP (Jonathan Bayer) writes:
> [Discusion of Xenix mail system and desire to replace]
>...I have received a
>copy of an lmail replacement from Jon Zeeff. It looks good, but I do
>want some more input since the comments state that it has not been fully
>checked out.
I checked it out, It looked secure except for two things. I check that
in order for the program to send mail to a program, two things are checked.
1) the program specified is a full path name
2) the user being mailed to owns the file directing transfer to a
program.
Here are the diffs to the version posted to the net:
-----Cut Here-----
#!/bin/sh
# shar: Shell Archiver (v1.22)
#
# Run the following text with /bin/sh to create:
# lmail.diff
#
sed 's/^X//' << 'SHAR_EOF' > lmail.diff &&
X345a346,349
X> if (statbuf.st_uid!=pwd->pw_uid) {
X> fclose(in_file);
X> continue;
X> }
X366a371,374
X> if (statbuf.st_uid!=pwd->pw_uid) {
X> fclose(in_file);
X> continue;
X> }
X480a489,492
X> if (dest[1]!='/') {
X> (void) fprintf(stderr, "\nCan only pipe to a full path name.\n",dest);
X> return(8);
X> }
SHAR_EOF
chmod 0644 lmail.diff || echo "restore of lmail.diff fails"
exit 0
-----cut here-----
>--
>Jonathan Bayer Beware: The light at the end of the
>Intelligent Software Products, Inc. tunnel may be an oncoming dragon
>19 Virginia Ave. ...uunet!ispi!jbayer
>Rockville Centre, NY 11570 (516) 766-2867 jbayer at ispi
--
Cliff Skolnick (ccs at lazlo)| "You told me time makes it easy, but you never
Phone: (716) 427-8046 | told me time stands still" - Gary Numan
TCP/IP: 44.68.0.195 | ...!rutgers!rochester!ritcv!ritcsh!sabin! lazlo!ccs
ccs at lazlo.n1dph.ampr.org| \!kodak!pcid!gizzmo!/
More information about the Comp.unix.questions
mailing list