On Thu, Aug 22, 2002 at 11:50:23AM -0600, Rob 'Feztaa' Park wrote: > :0: > * ^X-List: \/[-a-zA-Z0-9\.]+ > $HOME/mail/$MATCH > > The upside to this is that it catches an *assload* of mailing lists, not > just kernelnewbies, and when you subscribe to a new list, you probably > won't need to make a new rule. The downside is that you don't get to > control the name of the mbox that the mail is delivered to, but this > doesn't bother me. There's a bigger downside. Think what happens if I send you mail with a header something like.. X-List: ../.ssh/authorized_keys Trivial extension of any file for which you have priveledge to touch. At the least you should strip out ../ and ~ from the X-List with sed before trusting it. Dave. -- | Dave Jones. http://www.codemonkey.org.uk | SuSE Labs -- Kernelnewbies: Help each other learn about the Linux kernel. Archive: http://mail.nl.linux.org/kernelnewbies/ FAQ: http://kernelnewbies.org/faq/
