Eric brought up the fact that resend will allow a pipe
to an executable as an argument to resend. I felt this
to be dangerous, but not "that" dangerous. Either way,
here is a fix. Change line 56 on an unmodified majordomo
version 1.94.5 resend script:
from

    if ($ARGV[0] =~ /^\@/) {

to

    if (($ARGV[0] =~ /^\@/) && ($ARGV[0] !~ /[|]/)) {

or insert this between lines 55 and 56

    if ($ARGV[0] =~ /[|]/) { die("Pipe symbol found: $!\nStopped") }

I think there is already a resend.5 patch, but I have not
looked at it to see if either of these is included yet.
The first solution silently ignores pipe/bar symbols as
arguments, and the second squawks and dies with an error
message if a pipe symbol is found in the argument. Either
way, the "open" function is bypassed, and another security
hole is closed.
Dan Liston
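
The following is an added example, not part of the original post and not code from the resend script. It pairs the post's pipe check with a three-argument open, so the name after "@" is only ever treated as a file path. The helper name open_args_file and the sample inputs are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use File::Temp qw(tempfile);

# Hypothetical helper (not from resend): open the file named by an "@file"
# argument without ever letting Perl interpret the name as a command.
sub open_args_file {
    my ($arg) = @_;

    # Only "@name" arguments refer to an argument file.
    return undef unless defined $arg && $arg =~ /^\@(.+)\z/s;
    my $path = $1;

    # Same test as the post's fix: refuse any pipe symbol in the argument.
    die "Pipe symbol found in argument\n" if $path =~ /[|]/;

    # Three-argument open with an explicit '<' mode: the name is always
    # taken as a file path, so a leading or trailing '|' cannot start a
    # command even if the check above were missing.
    open(my $fh, '<', $path) or die "Cannot open $path: $!\n";
    return $fh;
}

# Constructed sample input: a temporary argument file with one line.
my ($tmp, $tmpname) = tempfile(UNLINK => 1);
print {$tmp} "constructed line\n";
close $tmp;

my $fh = open_args_file("\@$tmpname");
my $line = <$fh>;
close $fh;
print "read: $line";

# Constructed sample input: an argument containing a pipe is refused.
my $ok = eval { open_args_file('@placeholder|'); 1 };
print "rejected: $@" unless $ok;

# An argument without a leading '@' is not an argument file at all.
my $none = open_args_file('example-list');
print "not an \@file argument\n" unless defined $none;
```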