in lithuania we have PHP mailing list with mailman.
With hypermail i making nice looking and usefull mailing list archive, but
in this archyve where are some vulnarabilities. For example in that server
there are PHP, so someone can send to mailing list *.php file and after
making archive all user can get this *.php file throught web mailing list
archive.
My mailing list archive reindexing every night, so every night i'm in
dangerous
situation. This .php on my server people can in simple drop database
and so on...
how to solve it. Before sending attachment to user browser, send special header. So .php file will be not exacutable, but saveble :)
Thanks.
This archive was generated by hypermail 2.3.0 : Sat 13 Mar 2010 03:46:12 AM GMT GMT