Lyndon wrote: > I guess $TMP is a Windows thing? It shouldn't be used on UNIX systems.
It looks like this might have been added just 4 years ago. Otherwise, I'd be reluctant to remove it. Earl? > > * If MHTMPDIR is not an absolute path, interpret it as relative to the > > MH Path directory. > > This is a security breach waiting to happen. For tempfiles you should > always be specifying an absolute path. This isn't just an MH issue. Alright, how about if we adios() if MHTMPDIR contains any ".." ? David _______________________________________________ Nmh-workers mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/nmh-workers
