> But my underlying concern with allowing a relative mhpath surrounds
> taking advantage of $HOME leakage/confusion in the event you managed
> to get something to call an MH command with elevated privileges.
> I.e. $HOME != getpwuid(geteuid())->pw_dir. With absolute paths,
> this is never an issue.
Note that nmh already checks to see if a setuid or setgid
had succeeded, and in that case won't use the environment
variables (and instead will just put tmp files in the MH
Path directory):
/* Ignore envvars if we are setuid */
if ((getuid()==geteuid()) && (getgid()==getegid())) {
/* use first non-null of MHTMPDIR, TMPDIR, or TMP */
...
}
> > If it is .. or .., or starts with ./ or
> > ../, then it's relative to the current working directory.
(Off-this-topic experiment: my first message with that text
got incorrectly converted to 8-bit. I'll run this through
mhbuild to show that the C-T header prevents that.)
David
_______________________________________________
Nmh-workers mailing list
[email protected]
https://lists.nongnu.org/mailman/listinfo/nmh-workers
