[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Pan-users] Re: Save attachment file permissions
From: |
Duncan |
Subject: |
[Pan-users] Re: Save attachment file permissions |
Date: |
Thu, 19 Feb 2009 11:37:39 +0000 (UTC) |
User-agent: |
Pan/0.133 (House of Butterflies) |
Paul Crawford <address@hidden> posted
address@hidden, excerpted below, on Thu, 19 Feb 2009
09:07:30 +0000:
> I thought about the possible changes to fix this, and it occured that
> there are two options:
>
> (1) Add the call to UUSetOption (UUOPT_IGNMODE, 1, NULL) somewhere.
>
> (2) Change line 140 of uulib/uulib.c to have:
>
> int uu_ignmode = 1;
>
> (i.e. we make the decoder start-up to safe mode, so anyone wanting POSIX
> has to call UUSetOption to reset the ignore mode).
>
> First solution works best is uulib is a separate entity from Pan and
> users do not want the default behaviour changed, second is better if
> uulib is integrated and/or could be used by anything else where this
> hole in security could be an issue.
The only binary the pan package includes is pan itself, no libraries, so
it's using it internally, regardless of the discouragement on using
internal libraries due to the security headaches when they have a hole
that needs fixed and one has to figure out how many apps have internal
versions...
That said, internal or not, keeping the library code as pristine as
possible should be a goal, so I'd say option 1, adding the call to
UUSetOption (UUOPT_IGNMODE, 1 NULL) somewhere, is the "correct" solution.
--
Duncan - List replies preferred. No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master." Richard Stallman
- [Pan-users] Re: Save attachment file permissions, (continued)
- Re: {FILENAME} [Pan-users] Re: Save attachment file permissions, Paul Crawford (at UoD), 2009/02/17
- [Pan-users] Re: {FILENAME} Re: Save attachment file permissions, Duncan, 2009/02/17
- Re: [Pan-users] Save attachment file permissions, Paul Crawford (at UoD), 2009/02/17
- [Pan-users] Re: Save attachment file permissions, Duncan, 2009/02/18
- Re: [Pan-users] Re: Save attachment file permissions, Paul Crawford (at UoD), 2009/02/18
- [Pan-users] Re: Save attachment file permissions, Duncan, 2009/02/18
- Re: [Pan-users] Re: Save attachment file permissions, Paul Crawford, 2009/02/19
- [Pan-users] Re: Save attachment file permissions,
Duncan <=
- Re: [Pan-users] Re: Save attachment file permissions, Rhialto, 2009/02/19
- Re: [Pan-users] Re: Save attachment file permissions, Paul Crawford (at UoD), 2009/02/20
- [Pan-users] Re: Save attachment file permissions, walt, 2009/02/20
- [Pan-users] Re: Save attachment file permissions, Duncan, 2009/02/20
- Re: [Pan-users] Re: Save attachment file permissions, Paul Crawford, 2009/02/20
- Re: [Pan-users] Re: Save attachment file permissions, Paul Crawford, 2009/02/19
- [Pan-users] Re: Save attachment file permissions, Duncan, 2009/02/19
- Re: [Pan-users] Re: Save attachment file permissions, Rinaldi J. Montessi, 2009/02/17
- [Pan-users] Re: Save attachment file permissions, Paul Crawford (at UoD), 2009/02/17
[Pan-users] Re: Save attachment file permissions, walt, 2009/02/18