Date:      Wed, 29 Jul 1998 10:24:53 -0600
From:      Brett Glass <brett@lariat.org>
To:        andrew@squiz.co.nz
Cc:        security@FreeBSD.ORG
Subject:   Re: Any procmail experts here?
Message-ID:  <199807291630.KAA11022@lariat.lariat.org>
In-Reply-To: <Pine.BSF.3.96.980729184840.24329B-100000@aniwa.sky>
References:  <199807290301.VAA28924@lariat.lariat.org>

Wow.... That means invoking both procmail AND Perl on every message.
Not such a good idea on a busy mail server. (And, of course, Perl
will recompile the regex each and every time it executes.) How could
one avoid this?

--Brett

At 06:50 PM 7/29/98 +1200, Andrew McNaughton wrote:
 
>
>:0 hfw
>* ^Content-disposition:
>| /usr/local/bin/perl -pe 's/^(Content-Disposition:.{80}).*/$1/i'
>
>It's a little rough, but should work. Improvement is a Perl regex problem
>rather than a procmail one.
>
>Andrew McNaughton
>
>
>On Tue, 28 Jul 1998, Brett Glass wrote:
>
>> Date: Tue, 28 Jul 1998 21:01:06 -0600
>> From: Brett Glass <brett@lariat.org>
>> To: security@FreeBSD.ORG
>> Subject: Re: Any procmail experts here?
>> 
>> Whoops.... As many of you have doubtless already noted, the header
>> we need to catch is
>> 
>> Content-Disposition: attachment; filename="<verylongname>"
>> 
>> --Brett
>> 
>> At 07:59 PM 7/28/98 -0600, Brett Glass wrote:
>>  
>> >We have dozens of users who might get bit by the MIME filename buffer
>> >overflow bug described at
>> >
>> >http://www.sjmercury.com/business/microsoft/docs/security0728.htm
>> >
>> >and would like to try to use procmail to plug the hole (it seems to be the
>> >best tool for the job). However, I have no experience with procmail. Could
>> >someone help me write a procmail.rc that will eliminate the extra-long
>> >filenames, truncating them back to (say) 64 characters max? All that's
>> >required is to recognize the Content-type: .... filename="<name>" header
>> >and make sure that <name> is chopped if it's too long.
>> >
>> >This would be a fix for which thousands of sysadmins would be exceedingly
>> >grateful.
>> >
>> >--Brett
>> >
>> >
>> >To Unsubscribe: send mail to majordomo@FreeBSD.org
>> >with "unsubscribe security" in the body of the message
>> > 
>> 
> 

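The truncation discussed in this thread, as an added example that is not from either poster and is written in Python rather than the quoted Perl one-liner. It goes a little beyond the thread's recipe: it clips `filename=` and `name=` values to 64 characters while keeping the closing quote, follows folded continuation lines, and also covers MIME part headers in the body. All function and constant names are hypothetical.

```python
# Added example; truncate_filenames, LIMIT and SAMPLE are illustrative names.
import re
import sys

LIMIT = 64  # maximum filename length suggested in the thread

# Constructed sample: a folded MIME part header carrying a 300-character name.
SAMPLE = (b'Content-Disposition: attachment;\r\n'
          b'\tfilename="' + b'A' * 300 + b'.txt"\r\n')

# Headers that can carry a filename= or name= parameter.
_HEADER = re.compile(rb'^Content-(?:Disposition|Type):', re.I)

# The parameter, then a quoted value (closing quote optional, so an
# unterminated value is caught too) or an unquoted token.
_PARAM = re.compile(
    rb'(\b(?:file)?name\s*=\s*)(?:"((?:[^"\\\r\n]|\\[^\r\n])*)"?|([^\s";]+))',
    re.I)


def _clip(match, limit):
    prefix, quoted, token = match.groups()
    if quoted is None:
        return prefix + token[:limit]
    value = quoted[:limit]
    # Drop a dangling backslash that would escape the closing quote we add.
    if (len(value) - len(value.rstrip(b'\\'))) % 2:
        value = value[:-1]
    return prefix + b'"' + value + b'"'


def truncate_filenames(message: bytes, limit: int = LIMIT) -> bytes:
    """Clip over-long filename parameters in message and MIME part headers."""
    out = []
    in_target = False
    for line in message.splitlines(keepends=True):
        if _HEADER.match(line):
            in_target = True
        elif not line.startswith((b' ', b'\t')):
            in_target = False  # any unfolded line ends the header we track
        if in_target:
            line = _PARAM.sub(lambda m: _clip(m, limit), line)
        out.append(line)
    return b''.join(out)


if __name__ == '__main__':
    # Filter mode: raw message on stdin, sanitized message on stdout.
    sys.stdout.buffer.write(truncate_filenames(sys.stdin.buffer.read()))
```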


