Re: CVS commit: src/usr.bin/mail
In article <20180523065522.ga18...@homeworld.netbsd.org>, wrote:
> You don't get to sneak a controversial change by omitting a real commit
> message.

Το λακωνίζειν εστί φιλοσοφείν (To be laconic is to philosophize.)

christos
Re: CVS commit: src/usr.bin/mail
You don't get to sneak a controversial change by omitting a real commit message. On Tue, May 22, 2018 at 09:03:47PM -0400, Christos Zoulas wrote: > Module Name: src > Committed By: christos > Date: Wed May 23 01:03:46 UTC 2018 > > Modified Files: > src/usr.bin/mail: Makefile mail.1 > > Log Message: > Remove Mail > > > To generate a diff of this commit: > cvs rdiff -u -r1.36 -r1.37 src/usr.bin/mail/Makefile > cvs rdiff -u -r1.63 -r1.64 src/usr.bin/mail/mail.1 > > Please note that diffs are not public domain; they are subject to the > copyright notices on the relevant files. > > Modified files: > > Index: src/usr.bin/mail/Makefile > diff -u src/usr.bin/mail/Makefile:1.36 src/usr.bin/mail/Makefile:1.37 > --- src/usr.bin/mail/Makefile:1.36Sat Jul 5 15:22:04 2014 > +++ src/usr.bin/mail/Makefile Tue May 22 21:03:46 2018 > @@ -1,4 +1,4 @@ > -#$NetBSD: Makefile,v 1.36 2014/07/05 19:22:04 dholland Exp $ > +#$NetBSD: Makefile,v 1.37 2018/05/23 01:03:46 christos Exp $ > #@(#)Makefile8.3 (Berkeley) 4/20/95 > > .include > @@ -26,8 +26,8 @@ SRCS= version.c support.c cmd1.c cmd2.c > dotlock.c edit.c fio.c format.c getname.c head.c v7.local.c lex.c \ > list.c main.c names.c popen.c quit.c send.c sig.c strings.c temp.c \ > tty.c vars.c > -LINKS= ${BINDIR}/mail ${BINDIR}/Mail ${BINDIR}/mail ${BINDIR}/mailx > -MLINKS= mail.1 Mail.1 mail.1 mailx.1 > +LINKS= ${BINDIR}/mail ${BINDIR}/mailx > +MLINKS= mail.1 mailx.1 > > LDADD+= -lutil > DPADD+= ${LIBUTIL} > > Index: src/usr.bin/mail/mail.1 > diff -u src/usr.bin/mail/mail.1:1.63 src/usr.bin/mail/mail.1:1.64 > --- src/usr.bin/mail/mail.1:1.63 Mon Jul 3 17:34:20 2017 > +++ src/usr.bin/mail/mail.1 Tue May 22 21:03:46 2018 > @@ -1,4 +1,4 @@ > -.\" $NetBSD: mail.1,v 1.63 2017/07/03 21:34:20 wiz Exp $ > +.\" $NetBSD: mail.1,v 1.64 2018/05/23 01:03:46 christos Exp $ > .\" > .\" Copyright (c) 1980, 1990, 1993 > .\" The Regents of the University of California. All rights reserved. 
> @@ -29,13 +29,12 @@ > .\" > .\" @(#)mail.1 8.8 (Berkeley) 4/28/95 > .\" > -.Dd December 15, 2014 > +.Dd May 22, 2018 > .Dt MAIL 1 > .Os > .Sh NAME > .Nm mail , > -.Nm mailx , > -.Nm Mail > +.Nm mailx > .Nd send and receive mail > .Sh SYNOPSIS > .Nm > @@ -2299,11 +2298,14 @@ originally written by Kurt Shoens. > There are some flags and commands that are not documented here. > Most are not useful to the general user. > .Pp > -Usually, > +Historically, > .Nm > -is just a link to > +was just a link to > .Nm Mail , > -which can be confusing. > +which was confusing. > +.Nm Mail > +has been removed in > +.Nx 9 . > .Pp > The name of the > .Ic alternates >
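Review bot: the LINKS/MLINKS hunk in src/usr.bin/mail/Makefile drops the ${BINDIR}/Mail binary link and the Mail.1 man link outright, yet the log message "Remove Mail" gives no rationale and says nothing about scripts and users that invoke Mail by name. The commit message should state why (the wording the mail.1 hunk itself adds, that mail being a link to Mail was confusing, would do) and whether a transitional compatibility link or a release note is planned, so that reviewers and downstream users are not left to reconstruct the intent from the diff.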
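Review bot: in the mail.1 hunk at @@ -2299,11 +2298,14 @@ the new lines ".Nm Mail / has been removed in / .Nx 9 ." are added to the paragraph that discusses confusing and undocumented behaviour, alongside "Historically, mail was just a link to Mail, which was confusing"; once Mail no longer exists that paragraph no longer describes a current limitation, so the removal notice belongs in the HISTORY section and the "was confusing" sentence can go. Also, the NAME hunk drops ".Nm Mail" but this paragraph still sets ".Nm Mail" as a name, which is fine for a historical reference but should be consistent with whatever HISTORY ends up saying.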
Re: CVS commit: src/usr.bin/mail
In article <20141217131849.r2prgpje%sdao...@yandex.com>,
Steffen Nurpmeso <sdao...@yandex.com> wrote:

> This is fully yours and who am i but
>
> |Added expandaddr option to explicitly enable this behavior.
>
> why does a Christos Zoulas silently wave through this sloppy
> programmed shit from oss-sec that simply returns from outof()
> instead of giving any indication on what is going on?
> Unbelievable.

All you have to do is to set a variable to get the previous behavior,
and this is now documented. It is unexpected behavior that a mail
program can run commands on behalf of the user using special syntax.
Just a few weeks ago, we fixed a similar issue in ftp. Why didn't you
complain for that?

I believe that all maintained versions of mail upstream are being
adjusted to comply with this. What's the downside?

Or are you sure that everything that passes addresses to the mail
program command line sanitizes their addresses properly?

christos
Re: CVS commit: src/usr.bin/mail
This is fully yours and who am i but
Christos Zoulas <chris...@netbsd.org> wrote:

 |Module Name:    src
 |Committed By:   christos
 |Date:           Tue Dec 16 19:30:24 UTC 2014
 |
 |Modified Files:
 |        src/usr.bin/mail: cmd3.c extern.h fio.c mail.1 names.c send.c
 |
 |Log Message:
 |Fix various security related issues:
 |
 |0001. Do not recognize paths, mail folders, and pipes in mail addresses
 |by default. That avoids a direct command injection with syntactically
 |valid email addresses starting with |.
 |
 |Such addresses can be specified both on the command line, the mail
 |headers (with -t) or in address lines copied over from previous
 |while replying.
 |Added expandaddr option to explicitly enable this behavior.

why does a Christos Zoulas silently wave through this sloppy
programmed shit from oss-sec that simply returns from outof()
instead of giving any indication on what is going on?
Unbelievable.

--steffen
Re: CVS commit: src/usr.bin/mail
In article <20141217142550.ne2degkj%sdao...@yandex.com>,
Steffen Nurpmeso <sdao...@yandex.com> wrote:

> No, of course not -- except that validate user input screams from
> every wall. Maybe i'm just disappointed. But any environment that
> passes a string that includes shell meta characters through to
> whatever else seems broken. Tomorrow BSD Mail / POSIX mailx(1) get
> a CVE for QoS attacks because of passing through malformed addresses
> to MTAs that lead to nowhere but cause several process lifetimes and
> log entries... That doesn't seem right.

It is to protect the innocent. Consider someone writing his first cgi
script and wants to add mail functionality :-)
Perhaps as people claimed mail/mailx is beyond hope...

christos
Re: CVS commit: src/usr.bin/mail
chris...@astron.com (Christos Zoulas) wrote:
 |In article <20141217131849.r2prgpje%sdao...@yandex.com>,
 |Steffen Nurpmeso <sdao...@yandex.com> wrote:
 |>This is fully yours and who am i but
 |>
 |>|Added expandaddr option to explicitly enable this behavior.
 |>
 |>why does a Christos Zoulas silently wave through this sloppy
 |>programmed shit from oss-sec that simply returns from outof()
 |>instead of giving any indication on what is going on?
 |>Unbelievable.
 |
 |All you have to do is to set a variable to get the previous behavior,
 |and this is now documented. It is unexpected behavior that a mail
 |program can run commands on behalf of the user using special syntax.
 |Just a few weeks ago, we fixed a similar issue in ftp. Why didn't you
 |complain for that?

ftp is completely beyond my horizon except for open/close/mreget.
What is expected behaviour? But yes, it is better if there are ways
to disable it; I also see this now.

 |I believe that all maintained versions of mail upstream are being
 |adjusted to comply with this. What's the downside?

It seems I'm the last. Missing checks, complete silence, no report
at all, e.g. exit status. Bad programs.

 |Or are you sure that everything that passes addresses to the mail
 |program command line sanitizes their addresses properly?

No, of course not -- except that validate user input screams from
every wall. Maybe I'm just disappointed. But any environment that
passes a string that includes shell meta characters through to
whatever else seems broken. Tomorrow BSD Mail / POSIX mailx(1) get
a CVE for QoS attacks because of passing through malformed addresses
to MTAs that lead to nowhere but cause several process lifetimes and
log entries... That doesn't seem right.

--steffen
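The exchange above turns on two points: the commit log's statement that, before the fix, mail(1) treated a recipient beginning with `|` as a pipe to a command (and a leading path or folder name as a file or folder), and Christos's question whether every caller that puts addresses on the mail command line sanitizes them, with the "first cgi script" as the example caller. The following is an added example, written for this page and not code from NetBSD or from either poster. It shows the check such a caller needs on its own side: a validator that refuses the address forms named in the commit message (leading `|`, `/`, or `+`, which is how BSD mail names folders), plus an option-looking leading `-`, and builds an argv for mail(1) without a shell. The recipient grammar, the `--` getopt terminator, and the sample addresses are assumptions made for the example; the point it demonstrates is that avoiding `shell=True` alone would not have helped against the pre-fix behaviour, because mail(1) itself did the expansion.

```python
import re
import subprocess

# Conservative recipient grammar: a single local-part@domain with no
# whitespace or shell metacharacters. Assumption (not from the thread):
# the calling application does not need RFC 5322 quoted or display-name
# forms, so they are rejected rather than parsed.
_ADDR_RE = re.compile(r"^[A-Za-z0-9._%+=-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+$")

# Leading characters that pre-fix mail(1) expanded into something other
# than a recipient: '|' a pipe to a command, '/' a file path, '+' a folder.
_EXPANDING_PREFIXES = "|/+"


class UnsafeAddress(ValueError):
    """Raised for an address that must not reach the mail command line."""


def validate_recipient(addr: str) -> str:
    """Return addr if it is a plain mailbox; raise UnsafeAddress otherwise."""
    addr = addr.strip()
    if not addr:
        raise UnsafeAddress("empty recipient")
    if addr[0] in _EXPANDING_PREFIXES:
        raise UnsafeAddress(f"would be expanded as pipe/path/folder: {addr!r}")
    if addr[0] == "-":
        # Would be parsed as an option by mail's getopt, not as a recipient.
        raise UnsafeAddress(f"looks like an option: {addr!r}")
    if not _ADDR_RE.fullmatch(addr):
        raise UnsafeAddress(f"not a plain mailbox address: {addr!r}")
    return addr


def partition_recipients(candidates):
    """Split untrusted strings into (accepted, rejected) lists.

    rejected holds (address, reason) pairs so the caller can log or report
    them instead of dropping them silently, the behaviour Steffen objects
    to in the thread.
    """
    accepted, rejected = [], []
    for c in candidates:
        try:
            accepted.append(validate_recipient(c))
        except UnsafeAddress as e:
            rejected.append((c, str(e)))
    return accepted, rejected


def build_mail_argv(subject: str, recipients) -> list:
    """argv for mail(1) containing validated recipients only.

    Uses the getopt '--' terminator so nothing after it is parsed as an
    option (assumption: the target mail binary uses getopt(3)). Any bad
    recipient aborts the whole send rather than being quietly skipped.
    """
    accepted, rejected = partition_recipients(recipients)
    if rejected:
        raise UnsafeAddress("refusing to send: " + "; ".join(r for _, r in rejected))
    if not accepted:
        raise UnsafeAddress("no valid recipients")
    return ["mail", "-s", subject, "--", *accepted]


def send(subject: str, body: str, recipients) -> int:
    """Run mail(1) with no shell in between; returns its exit status."""
    argv = build_mail_argv(subject, recipients)
    # argv goes straight to execve, so no shell metacharacter matters here.
    # Before the commit quoted above, however, a recipient such as '|cmd'
    # would still have been run by mail(1) itself, which is why
    # validate_recipient() is needed in addition to avoiding shell=True.
    return subprocess.run(argv, input=body.encode(), check=False).returncode


# Constructed sample input standing in for a web form's "To:" field.
SAMPLE_RECIPIENTS = [
    "alice@example.com",
    "|touch /tmp/pwned",          # pipe: command injection via mail(1)
    "/etc/passwd",                # path: mail appended to a file
    "+inbox",                     # folder name
    "-R",                         # option injection
    "bob@example.com; rm -rf ~",  # shell metacharacters
]

if __name__ == "__main__":
    ok, bad = partition_recipients(SAMPLE_RECIPIENTS)
    print("accepted:", ok)
    for addr, why in bad:
        print("rejected:", addr, "->", why)
```

Run as a script it lists the one accepted address and the five rejections with their reasons; `send()` is the only function that actually invokes mail(1), and it never does so when any candidate failed validation.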
Re: CVS commit: src/usr.bin/mail
In article <20130104015455.d9d3e17...@cvs.netbsd.org>,
Christos Zoulas <source-changes-d@NetBSD.org> wrote:

> Module Name:    src
> Committed By:   christos
> Date:           Fri Jan 4 01:54:55 UTC 2013
>
> Modified Files:
>         src/usr.bin/mail: mime_attach.c
>
> Log Message:
> PR/47396: Steffen: mail(1) may falsely use quoted-printable for files
> with embedded NULs

Log message fixed on cvs.

christos