Re: securing code

in reply to securing code

Hello

I would like to mention 2 potential security risks:

The substitution in the following segment is dangerous. It causes malformed Subject headers (feed it "Subject: .*"). While I did not manage to get it to take "Subject: (?{print "Hello"})", there may be a way around it to cause potential security hole.
```
if( /^Subject: (.+)$/ ) {
    $original_subject = $1;
    if( $modify_subject ) {
      print LOG "Subject modified\n" if( $log );
      s/$1/[friends]: $original_subject/;
    }
}
[download]
```
Consider using:
```
      s/Subject: /Subject: [friends]: /;
[download]
```
The pipes you open at the end of the script. You're feeding $sender to the shell.
```
open( MAIL, "|$sendmail -f $myaddress $sender" );
[download]
```
While I know sender is matched at the beginning with
```
/^From ([-a-zA-Z0-9_.@]+) .+$/
[download]
```
there are better ways to do this. One of them is using the sender in the From header before printing the message.

Hope this helps...

Aziz,,,

P.S. I suggest removing all the s/f.../f***/ stuff and replacing it with a hash of words=>substitues.

Comment on Re: securing code Select or Download Code

In Section Seekers of Perl Wisdom