> > > > Just wondering about the code snippet presented below.
> > > > > sprintf(buf, "mail -s \"%s\" %s <MAILFILE.TXT &", subject, emailaddr);
> > >
> > > if (strchr(emailaddr, ';') != NULL) {
> > ^^^^^^^^^^^^^
> > What happens if this would be a '&' instead? Bye bye files
> >
> > Make some kind of generic function that will check the incoming string.
> > Allow NO Unix shell-characters ; : & > < and you will be fine.
> >
>
> then this should do it:
>
> if (strchr(";:&<>", emailaddr) != NULL) {
>
Ick, forgot something... '|'
Think about this 'email' "rm -rf / | echo 'Sucker' ~/README | more" And you might consider to
exclude '*' from the list. And oh, I forgot backticks ` you know `ls` would execute everything
that ls spits out. :)
HEh.. So.. chang the if statement to if(strchr("`;:&<>|*", emailaddr) != NULL
+ you should probably to a check if the user has typed in a @-charecter.
AND one thing, do NOT use sendmail instead of mail at any time, cuz sendmail is one BIG BLACK HOLE
in the security.
In any event when calling a program using system and/or execXX ALWAYS take a minute to think over
the security risks. Otherwise someone will find out how to erase your mud and/or entire system.
// Zigg
+-----------------------------------------------------------+
| Ensure that you have read the CircleMUD Mailing List FAQ: |
| http://cspo.queensu.ca/~fletcher/Circle/list_faq.html |
+-----------------------------------------------------------+
This archive was generated by hypermail 2b30 : 12/18/00 PST