On Thu, Oct 27, 2005 at 10:05:37AM +1300, Srdjan wrote: > sendmail command and params are not constructed in a taint-safe fashion. > Arguments to send_by_sendmail() are used/filled in rather than having > separate vars set to defaults or untainted args.
Hi, I disagree: it's not the job of send_by_sendmail() to untaint its args. The base arguments are given straight to sendmail, and if the caller is passing tainted data there, it's the caller's fault. The safe way is calling send_by_sendmail() without any arguments at all. However, there is one very real problem in send_by_sendmail(). When generating the sendmail command line, it builds a '-f' argument from the 'From' field of the email to be sent. Unfortunately it uses Mail::Address to do it, and Mail::Address taints its data. See bug #346008 against libmailtools-perl. I'll probably try to come up with a patch. In the meantime, using the 'SetSender => 0' argument to send_by_sendmail() should work around this. Cheers, -- Niko Tyni [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]