procmail (in)security
Todd Underwood
todd-bogofilter at osogrande.com
Fri Mar 7 18:20:16 CET 2003
fred,
On Fri, 7 Mar 2003, Fred Yankowski wrote:
> On Fri, Mar 07, 2003 at 07:40:11AM -0500, Todd Underwood wrote:
> > 2) use something like procmail that has these kinds of properties
> > (procmail has historically been a security disaster, so i would stay away
> > from it if possibly--consider maildrop).
>
> What's your basis for calling procmail a security disaster? I use
> procmail all the time and, if you're right, I want to know what risks
> I'm taking. I already know that procmail's "recipe" language is
> confusing, but in what ways is it insecure?
procmail has a relatively bad security record. the code is complex (and
according to some of the better code auditors, virtually unauditable).
http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=procmail+security+problems
http://security-archive.merton.ox.ac.uk/security-audit-199902/0063.html
just a couple of places to start.
since i run qmail primarily for its security properties, introducing
something as complex and with such a poor security record as procmail is
definitely a no-no.
and, as you said, the recipies are complex. very few people i know are
able to get them right with any regularity (and testing always involves
bouncing or losing mail).
i'd take maildrop or just .qmail files any day.
t.
--
todd underwood, sr. vp & cto
oso grande technologies, inc.
todd at osogrande.com
"The people never give up their liberties but under some delusion."
--Edmund Burke, Speech at County Meeting of Bucks, 1784.
More information about the Bogofilter
mailing list