hmm, not shure, but i think, download a copy of the CVS, make a copy of it, in one of the copies you edit the source, after that, you do diff -ruN edited-source... original-source... >>skel.patch¨
as i said, I think... i'm not realy "that" in to it
----- Original Message -----
Sent: Tuesday, December 16, 2003 7:03 AM
Subject: Re: [vchkpw] skel

I have this done already actually. Tom sent me a link to some great copy code.
I'm having some problems with the diff however, but I'll get it uploaded to
the patch system on sourceforge as soon as I am able.
If someone could tell me the best way to do a diff against CVS I would be
----- Original Message -----
From: X-Istence
Sent: Monday, December 15, 2003 5:50 PM
Subject: Re: [vchkpw] skel

David Winkler wrote:
I'm planning on rewriting it correctly. At the time I really hadn't
considered the implications of how it worked, and the fact that
it isn't really cross platform.

I'll submit another with a more secure, cross platform diff, as soon
as I am able against whatever is current in cvs at the time.



----- Original Message ----- 
From: "Raboo Treed" <[EMAIL PROTECTED]>
To: "vpopmail list" <[EMAIL PROTECTED]>
Sent: Thursday, November 06, 2003 6:25 PM
Subject: Re: [vchkpw] skel

A root compromise of the system isn't the only thing one has to worry
about. I'd be pretty pissed if someone inserted something into my skel
that resulted in all of my email being duplicated and sent to someone
else. Using cp when you could just copy the files in C in a secure
manner is just silly. Its also less efficient, as an added bonus.
Exploitable just isn't safe enough. I've disagreed with Tom about the
level of paranoia required (see the password/salt generation thread),
but in this case he's absolutely right about requiring more than the
current patch supplies.
Who will be our saviour and take on the task to make the patch secure and
worthy to be a part of vpopmail future releases

( P.S. sorry Nick if you've recived the message twice 
I pressed the wrong reply button at first )



I hate to bring old messages back up, but i would like such an option. Seeing as using it with spamassassin to auto add some standard settings would make a really good way to get users acustomed to spamassassin and how it can help them with their spam problem, also it would help out administrators.

About other people editing it, well just be smart about it, chmod the files correctly, and dont allow any user other than vpopmail/root to write/edit files in the directory.


Reply via email to