Bugtraq mailing list archives
Re: procmail
From: ficusk () on-ramp ior com (Ficus Kirkpatrick)
Date: Wed, 7 Aug 1996 13:57:19 -0700
> I'm sure procmail MUST have some security feature to disallow this > sort of thing? But I could be wrong, and haven't checked the manual > pages yet. Sendmail disallows this short things by not allowing pipes in .forward if user have not valid shell (listed in /etc/shells). Yes, if you use procmail as local delivery agent, then you need same kind mechanism in procmail also (if it allows piping mail to programs). The problem there is that for an 'ftp only' account, the shell has to be in /etc/shells, or FTP will not work (with most FTP servers). Ficus
Current thread:
- Re: your mail, (continued)
- Re: your mail Greg Woods (Aug 05)
- Re: your mail neill (Aug 05)
- PAM login programs? Josh Wilmes (Aug 05)
- procmail DANIEL .D .EZEKIEL (Aug 05)
- (Fwd) CERT Advisory CA-96.17 - Vulnerability in Solaris vold Hubert Feyrer (Aug 06)
- Re: procmail Adam Shostack (Aug 06)
- Re: procmail Jon Lewis (Aug 06)
- Re: procmail Neil Soveran-Charley (Aug 06)
- Re: procmail James Wang (Aug 06)
- Re: procmail Kari E. Hurtta (Aug 06)
- Re: procmail Ficus Kirkpatrick (Aug 07)
- Re: procmail Melody Lynn Yoon (Aug 07)
- Re: your mail Greg Woods (Aug 05)
- Re: PAM login programs? Marek Michalkiewicz (Aug 06)
- Re: PAM login programs? Arthur Donkers (Aug 06)