Hi Ken,

>     for (s = cmd; *s; s++) {
>         if (*s != ' ' && !isALPHA(*s) &&
>             strchr("$&*(){}[]'\";\\|?<>~`\n",*s)) {
> 
> Seems like that's a pretty good list; if we see one of those
> characters, it gets sent to /bin/sh -c.  Otherwise we split and do it
> ourselves.

No `#'?  How about just always send to the user's shell from the
password entry with a -c, as distinct from /bin/sh.

Cheers, Ralph.
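
The check quoted above as a stand-alone function, written as an added example that is not part of the original message or of nmh's code. It assumes `isalpha()` in place of the `isALPHA` macro; `needs_shell`, `WITH_HASH` and the sample commands are hypothetical names and constructed inputs, used to show how a command containing `#` is classified with and without that character in the list.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Metacharacter list exactly as quoted in the message above. */
static const char QUOTED_META[] = "$&*(){}[]'\";\\|?<>~`\n";
/* Hypothetical variant with '#' appended, the character the reply asks about. */
static const char WITH_HASH[] = "$&*(){}[]'\";\\|?<>~`\n#";

/* Return 1 if cmd contains a character from meta, meaning it would be
 * handed to a shell with -c; return 0 if it would be split on
 * whitespace and executed directly. Same test as the quoted loop, with
 * isalpha() standing in for isALPHA (assumption). */
int needs_shell(const char *cmd, const char *meta)
{
    const char *s;

    for (s = cmd; *s; s++) {
        if (*s != ' ' && !isalpha((unsigned char)*s) && strchr(meta, *s))
            return 1;
    }
    return 0;
}

int main(void)
{
    /* Constructed sample commands, not taken from nmh. */
    static const char *samples[] = {
        "less -R draft",
        "sort draft | uniq",
        "wc -l draft # count lines",
    };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-28s quoted list: %-6s with '#': %s\n", samples[i],
               needs_shell(samples[i], QUOTED_META) ? "shell" : "direct",
               needs_shell(samples[i], WITH_HASH) ? "shell" : "direct");
    return 0;
}
```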
