[web-devel] path to sendmail
David Turner
dct25-561bs at mythic-beasts.com
Tue Feb 9 18:26:37 UTC 2016
Hi,
You could put the ability to change the setting on "the other side of the
airtight hatchway" as Raymond Chen might say: put the setting in a file and
don't provide any ability to change it remotely. Then if someone does
manage to change the setting to something nefarious, they already had write
access to your filesystem so they've not gained anything.
You can of course show the current value of the setting in the UI, along
with instructions on how to change it. Presumably your user at least has
SCP or FTP access, or else how did they install your software?
That, plus autodetection when first set up (looking in a bunch of common
places) sounds reasonably usable to me.
It might also be worth taking heart in the fact that if you're dealing with
someone running on a system that has sendmail in an unexpected place then
they're going to be having a Bad Time in all sorts of other ways, no matter
whose software they're using!
Cheers,
David
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.haskell.org/pipermail/web-devel/attachments/20160209/3b1d3228/attachment.html>
More information about the web-devel
mailing list