Re: [PATCH] Use execvp to call sendmail

To: Mutt Developers <mutt-dev@xxxxxxxx>
Subject: Re: [PATCH] Use execvp to call sendmail
From: Charles Cazabon <muttdev@xxxxxxxxxxxxxxxxxxxx>
Date: Fri, 16 Mar 2007 09:11:51 -0600
In-reply-to: <20070316144040.GA20391@xxxxxxxx>
List-unsubscribe: <mailto:mutt-dev-request@mutt.org?Subject="Unsubscribe Mutt Dev"?body=unsubscribe>
Mail-followup-to: Mutt Developers <mutt-dev@xxxxxxxx>
References: <20070316144040.GA20391@xxxxxxxx>
Sender: owner-mutt-dev@xxxxxxxx
User-agent: Mutt/1.5.11

Christoph Berg <cb@xxxxxxxx> wrote:
>
> Use execvp to call sendmail, useful for people trying sendmail="ssh host
> sendmail".

I'm curious: does the ssh client binary tend to move around the filesystem
randomly on these peoples' systems?

I don't think this is a great change.  Many people unwisely put . in their
path; anyone else on the system could drop a shellscript of that name into a
common directory and capture other users' mail if the path was used to locate
the sendmail program.  Requiring users to explicitly specify the path to it
prevents that privacy risk.

Charles
-- 
-----------------------------------------------------------------------
Charles Cazabon                          <muttdev@xxxxxxxxxxxxxxxxxxxx>
-----------------------------------------------------------------------

Follow-Ups:
- Re: [PATCH] Use execvp to call sendmail
  - From: Thomas Dickey
- Re: [PATCH] Use execvp to call sendmail
  - From: Christoph Berg

References:
- [PATCH] Use execvp to call sendmail
  - From: Christoph Berg

Prev by Date: Re: [PATCH] Use execvp to call sendmail
Next by Date: Re: [PATCH] Use execvp to call sendmail
Previous by thread: Re: [PATCH] Use execvp to call sendmail
Next by thread: Re: [PATCH] Use execvp to call sendmail
Index(es):
- Date
- Thread