[web-devel] path to sendmail
Jeremy Bowers
jerf at jerf.org
Tue Feb 9 18:50:14 UTC 2016
On 02/09/2016 01:26 PM, David Turner wrote:
>
> Hi,
>
> You could put the ability to change the setting on "the other side of
> the airtight hatchway" as Raymond Chen might say:
>
It's worth providing a link to this since it's hard to find the original
in Google:
https://blogs.msdn.microsoft.com/oldnewthing/20060508-22/?p=31283/
There's really not much you can do about this except perhaps simply
require that sendmail be in the path, and even that is subject to
concerns about whether the path is set up securely. It isn't really your
program's problem to make sure the system it's running on is set up
securely; it is neither capable of correctly and safely determining the
answer to that question, nor fixing it if it could.
Disclaimer: I actually work in computer security. This isn't an
uninformed dismissal; this is an informed dismissal. :) In particular
the last line of the previous paragraph is a core part of my point. If
that wasn't true I might have a different opinion, but at the point
where we're discussing a system that can't trust that sendmail is
actually sendmail, you've already lost.
The only thing you can do is ensure that changing the path really and
truly requires the proper authorization and there's no way to trick that
system.
More information about the web-devel
mailing list