In message <199505012139.OAA11624@spray.usw.nps.navy.mil>,
Stefan Hudson writes:
>> You need to put somthing like:
>>
>> # the safe locations for archive directories. This should be defined as
>> # a series of root anchored directory paths as will be used as prefixes
>> # to the file names specified to the archive2.pl script.
>> @archive_dirs = ( "$list_test", "$list_test2" );
>>
>> in your majordomo.cf file.
>>
>> You will need to define $list_test and $list_test2 to be the
>> absolute path of your LIST archive dir. You will need one of those
>> for every list you want to archive.
>
>Would there be a problem with making it so that the archive_dirs are treated
>as a PREFIX when checking for allowed directories? That way, if
>
>@archive_dirs = ( "/usr/local/majordomo/archive", );
>
>any subdirectory of /usr/local/majordomo/archive would be allowed for
>archiving. I modified archive2.pl to work like that, and it works well,
>but I was concerned about potential security problems. The advantage is
>that you don't need to modify majordomo.cf at all when adding a list.
Why not just do?
@archive_dirs = </spool/majordomo/archive/*>;
in majordomo.cf? Or a loop on opendir, readdir, closedir. Don't forget
the majordomo.cf file is perl code. There is nothing to prevent you
from doing commands in the code.
-- John
John Rouillard
Senior Systems Administrator IDD Information Services
rouilj@dstar.iddis.com Waltham, MA (617) 890-7227 x337
(617) 487-3937 (Direct)
Senior Systems Consultant (SERL Project) University of Massachusetts at Boston
rouilj@cs.umb.edu (preferred) Boston, MA, (617) 287-6480
===============================================================================
My employers don't acknowledge my existence much less my opinions.
Follow-Ups:
References:
|
|
