The man page for mhstore recommends that, for the sake of security, I not put
the -auto switch in .mh_profile. Whatever the security risk is, would it not
also be present if I invoke mhstore with that switch? But the man page does
not seem to recommend against that.
The '|' facility is an obvious security risk, but as I read the man page it
would never be invoked unless my .mh_profile specifies a formatting string.
So assuming that my .mh_profile has no entries of the form
mhstore-store-<type>
what are the security risks of the -auto switch?
Norman Shapiro
_______________________________________________
Nmh-workers mailing list
[email protected]
https://lists.nongnu.org/mailman/listinfo/nmh-workers
