Great Circle Associates Majordomo-Workers
(November 1996) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: another bug fix to 1.94 majordomo.pl
From: Dave Wolfe <dwolfe @ risc . sps . mot . com>
Date: Tue, 19 Nov 1996 07:55:02 -0600 (CST)
To: haas @ xmission . com (Walt Haas)
Cc: majordomo-workers @ greatcircle . com, tibbs @ hpc . uh . edu
In-reply-to: <199611182318.QAA08764@xmission.com> from "Walt Haas" at Nov 18, 96 04:18:02 pm
Reply-to: Dave Wolfe <david_wolfe @ risc . sps . mot . com> 
[ Walt Haas writes: ]
> 
> OK, great, but *WHY* are we worrying about trapping this one particular
> kind of address?

Good question. I'm not enough of a sendmail guru to give you specifics,
but sendmail isn't the only MTA possible and not all MTAs are created
equal. Sendmail will gladly deliver to a file path, although there are
usually other safeguards to plug such holes. I think the test is there
because it's better to check for such things and alert someone of
possible attacks than to just blindly assume something else will take
care of it. Perhaps *all* the X.400 checking should be controlled by
options.

> My patch at least had the virture of not changing line numbers :-)

That only counts for binary patches. ;-)

-- 
 Dave Wolfe
Follow-Ups:
References:
Indexed By Date Previous: Re: What is the deal with .passwd?
From: Chan Wilson <cwilson@slurp.neu.sgi.com>
Next: Re: Bug & patch: writeconfig chops lines at 80 chars
From: Dave Wolfe <dwolfe@risc.sps.mot.com>
Indexed By Thread Previous: Re: another bug fix to 1.94 majordomo.pl
From: Walt Haas <haas@xmission.com>
Next: Re: another bug fix to 1.94 majordomo.pl
From: Walt Haas <haas@xmission.com>
Google
 
Search Internet Search www.greatcircle.com