[4362] in WWW Security List Archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Perl System Call HACKS

daemon@ATHENA.MIT.EDU (Tim Holt)
Tue Feb 11 15:35:44 1997

Date: Tue, 11 Feb 1997 09:53:35 -0700
To: www-security@ns2.rutgers.edu
From: Tim Holt <holt@roguewave.com>
Errors-To: owner-www-security@ns2.rutgers.edu

>Call 'sendmail -oi -t'.
>(Oi ignores dots in the body of the message, -t takes all headers
>from the data stream.)
>

What happens if you DO put dots in and don't use -oi.  
If you were shelling off the sendmail job, then I can
see how one could put some hack in, but if you have
opened sendmail via PERL's open command, and then send
it the To: From: Subject: and text directly, and DO
insert a . into the text, what happens to the text
after the .  Nothing I think?

Tim Holt
Rogue Wave Software


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[4362] in WWW Security List Archive

Re: Perl System Call HACKS

daemon@ATHENA.MIT.EDU (Tim Holt)Tue Feb 11 15:35:44 1997

daemon@ATHENA.MIT.EDU (Tim Holt)
Tue Feb 11 15:35:44 1997