[prev in list] [next in list] [prev in thread] [next in thread] 

List:       exim-users
Subject:    Re: Exim 0.50
From:       Philip Hazel <ph10 () cus ! cam ! ac ! uk>
Date:       1996-05-24 8:10:04
[Download RAW message or body]

On Thu, 23 May 1996, Ian Jackson wrote:

> I'd like to point out that this revised version won't work either.
> Backquotes are legal, are they not, for example ?

Oh, rats. This just shows the wisdom of issuing restrictive definitions 
that can be widened later rather than wide-open things that are sure to 
cause trouble in unforseen places. RFC 822 is a real pain. I'm sure 
nobody ever actually uses | or ` in local_parts, and yet we have to 
permit them. Mutter.

> What you need is a mechanism for supplying the address to the command
> as one argument - *without running a shell*.

Yes. Perhaps I should always run the command as it is run in the 
"restrict_path" mode, which is not to run a shell, and to handle the 
arguments as you suggest. As you say, in an unrestricted situation 
people can always explicitly ask for a shell if they want one.

I will work on this for the next release, but I don't think it's enough 
of a show-stopper to prevent the current release going out as Beta next 
week.

--
Philip Hazel                   University Computing Service,
ph10@cus.cam.ac.uk             New Museums Site, Cambridge CB2 3QG,
P.Hazel@ucs.cam.ac.uk          England.  Phone: +44 1223 334714

[prev in list] [next in list] [prev in thread] [next in thread]