Re: Secure popen

From: John Viega (viegaat_private)
Date: Thu Jun 21 2001 - 08:22:11 PDT

  • Next message: Glynn Clements: "Re: Secure popen"

    On Wed, Jun 20, 2001 at 10:02:21PM -0300, Rodrigo Barbosa wrote:
    >
    > And second, it's a CGI. CGI runs over a Web server. Web servers used the
    > HTTP protocol. The HTTP protocol is implemented over TCP/IP.
    
    Actually, it wouldn't be too hard to proxy to a slightly modified HTTP
    server on a box without TCP/IP (say, over a serial connection).
    
    Also, you can imagine boxes with TCP/IP, but firewall rules that
    forbid direct outbound mail connections, except from one SMTP relay
    box.  If you're not going to invoke the local mail delivery agent
    (which should know about the relay), you've got another complexity.
    
    > And, anyway, involking sendmail may be the standard, if by that you mean
    > "the most common". It's not the only MTA avalible. I myself don't use it.
    
    Most MTAs do provide sendmail compatability.  The only one I know of
    that doesn't is qmail.  If you run qmail, you know the risks, and you
    know that many things that send mail may not be able to do so.
    
    > I agree this is a good way to do it. A little more troublesome then 
    > implementing a simple SMTP connection, but a good way, none the less.
    > And escaping shell commands it's not that simple.
    
    Of course, I disagree with you.
    
    John
    



    This archive was generated by hypermail 2b30 : Thu Jun 21 2001 - 08:32:27 PDT