Re: [hypermail] Hypermail security

From: Daniel Stenberg <daniel_at_haxx.se_at_hypermail-project.org>
Date: Tue, 13 Nov 2001 17:19:58 +0100 (MET)
Message-ID: <Pine.GSO.4.40.0111131714160.28860-100000_at_pm1.contactor.se>


On Mon, 12 Nov 2001, Franklin DeMatto wrote:

> Can a user sneak nasty HTML into a message? Using <PRE> does not
> suffice, as an evil user can close it with </PRE>. Ideally, there should
> be a setting to convert any < and > into &lt; and &gt; , so that no evil
> HTML can get in. The entire message would need to be scanned. Of course,
> this would only work for text/plain, not text/html.

I believe that is being done. Otherwise wouldn't all those funny fake tags get shown:
<aol>
 me too
</aol>

> Has hypermail been audited for other security issues?

Not explicitly, not to my knowledge at least.

> Buffer overflows,

A long time ago I did go through pretty much all the hypermail code and removed all the static buffer sizes of that time (with or without length checks). Before that, hypermail was ridden with lots of buffer overflow potentials. Of course, we might have missed some cases and we might have added new ones since.

> and creation of local files with evil names (such as unwanted extensions)
> or properties (such as double dots in paths or x-bit on) come to mind.

Hm, yes. This might be possible. I can't recall off the top of my head how hypermail treats all file names passed to it in attachments etc.

-- 
      Daniel Stenberg - http://daniel.haxx.se - +46-705-44 31 77
   ech`echo xiun|tr nu oc|sed 'sx\([sx]\)\([xoi]\)xo un\2\1 is xg'`ol
Received on Tue 13 Nov 2001 06:24:32 PM GMT
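
Added example (not part of the original message and not hypermail's own code): a C sketch of the two checks discussed in this thread, escaping a text/plain body so that markup such as </PRE> cannot reach the generated page, and reducing a sender-supplied attachment name to a safe local file name. The function names escape_html and safe_attachment_name are hypothetical, and the output buffer for escaping is sized from the input rather than fixed.

```c
/* Added example; not hypermail source. Function names are hypothetical. */
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

static const char *entity(char c)
{
    return c == '&' ? "&amp;" : c == '<' ? "&lt;" : c == '>' ? "&gt;"
         : c == '"' ? "&quot;" : NULL;
}

/* Escape a text/plain body for HTML output. The size is computed first and
 * allocated exactly (no fixed buffer). Caller frees; NULL on failure. */
char *escape_html(const char *in)
{
    size_t need = 1;                               /* room for the NUL */
    for (const char *p = in; *p; p++)
        need += entity(*p) ? strlen(entity(*p)) : 1;
    char *out = malloc(need), *w = out;
    if (!out) return NULL;
    for (const char *p = in; *p; p++) {
        const char *e = entity(*p);
        if (e) { memcpy(w, e, strlen(e)); w += strlen(e); }
        else *w++ = *p;
    }
    *w = '\0';
    return out;
}

/* Make a local file name from an attachment name: drop any directory part,
 * refuse empty names and names starting with '.' (so "." and ".."), replace
 * bytes outside [A-Za-z0-9._-] with '_'. Returns 0 on success, -1 if refused. */
int safe_attachment_name(const char *name, char *out, size_t outsz)
{
    const char *base = name;
    for (const char *p = name; *p; p++)
        if (*p == '/' || *p == '\\') base = p + 1;
    size_t n = strlen(base);
    if (n == 0 || n >= outsz || base[0] == '.') return -1;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)base[i];
        out[i] = (isalnum(c) || strchr("._-", c)) ? (char)c : '_';
    }
    out[n] = '\0';
    return 0;
}

int main(void) { char *h = escape_html("</PRE><b>"); puts(h ? h : "(oom)"); free(h); return 0; }
```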

This archive was generated by hypermail 2.2.0 : Thu 22 Feb 2007 07:33:53 PM GMT