MESSAGE
DATE | 2015-03-17 |
FROM | Rick Moen
|
SUBJECT | Re: [NYLXS - HANGOUT] cable crimping
|
From owner-hangout-outgoing-at-mrbrklyn.com Tue Mar 17 08:22:03 2015 Return-Path: X-Original-To: archive-at-mrbrklyn.com Delivered-To: archive-at-mrbrklyn.com Received: by mrbrklyn.com (Postfix) id 9642C1612E6; Tue, 17 Mar 2015 08:22:03 -0400 (EDT) Delivered-To: hangout-outgoing-at-mrbrklyn.com Received: by mrbrklyn.com (Postfix, from userid 28) id 86D7B1612E9; Tue, 17 Mar 2015 08:22:03 -0400 (EDT) Delivered-To: hangout-at-nylxs.com Received: from linuxmafia.com (linuxmafia.COM [198.144.195.186]) by mrbrklyn.com (Postfix) with ESMTP id 9050F1612E6 for ; Tue, 17 Mar 2015 08:21:39 -0400 (EDT) Received: from rick by linuxmafia.com with local (Exim 4.72) (envelope-from ) id 1YXqV8-0003dn-KA for hangout-at-nylxs.com; Tue, 17 Mar 2015 05:21:38 -0700 Date: Tue, 17 Mar 2015 05:21:38 -0700 From: Rick Moen To: hangout-at-nylxs.com Subject: Re: [NYLXS - HANGOUT] cable crimping Message-ID: <20150317122138.GU23366-at-linuxmafia.com> References: <54F630D1.7070209-at-panix.com> <20150303225947.GP23366-at-linuxmafia.com> <20150304140219.5931154.51137.3925-at-gmail.com> <20150308122950.GA27283-at-panix.com> <20150308174550.GF23366-at-linuxmafia.com> <54FC9B4C.7000905-at-coredump.us> <20150309090543.GG23366-at-linuxmafia.com> <54FE74B4.405-at-coredump.us> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <54FE74B4.405-at-coredump.us> Organization: If you lived here, you'd be $HOME already. X-Mas: Bah humbug. User-Agent: Mutt/1.5.20 (2009-06-14) X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: rick-at-linuxmafia.com X-SA-Exim-Scanned: No (on linuxmafia.com); SAEximRunCond expanded to false Sender: owner-hangout-at-mrbrklyn.com Precedence: bulk Reply-To: hangout-at-nylxs.com [NYLXS: HANGOUT] X-BeenThere: hangout-at-nylxs.com X-Mailing-list: hangout-at-nylxs.com Precedence: list List-Id: NYLXS General Discussion Forum List-Unsubscribe: List-Archive: List-Post: List-Help: List-Subscribe:
Quoting Chris Knadle (Chris.Knadle-at-coredump.us):
> If you look at the mailman_transport, that's a pipe transport.
Certainly I've actually never (before) looked into the guts of the recommended router or transport definitions. The main functional advantage of using that system was, frankly, freeing one's self from having to continually futz around manually adding and removing /etc/aliases lines, and instead let the MLM mailing list definition files get accessed by the MTA directly.
That having been said, we can at least hope in this case that the MTA does careful input validation on what gets sent through mailman_transport's pipe driver. The regex disassembly that derives the local part string looks competent, for example.
Anyway, thanks for pointing that out. Learned something.
> This is the case by default, but not if you set the user and group in > the transport (such as they did in the Mailman example). Furthermore > if you look in section 29 concerning the pipe transport, there's an > allow_commands option to limit what commands a transport can call.
Yeah, this is what one hopes to see.
> At least with Exim using a pipe via /etc/aliases doesn't /have/ to be > something terribly insecure. You do need to know what you're doing... > sure.
I never said I had anything inherently against pipes, mind you. This is Unix, after all. ;->
|
|