diff options
author | ache <ache@FreeBSD.org> | 1995-04-14 21:54:18 +0000 |
---|---|---|
committer | ache <ache@FreeBSD.org> | 1995-04-14 21:54:18 +0000 |
commit | d12c09e5c2c1c5595f0443af57acdfd55e1b2405 (patch) | |
tree | 8c21cc0759ff4d02c1e3036007d49d050d92621e /usr.sbin/cron | |
parent | b759fab5afb55010d2a12e859d2bdd16fcdea926 (diff) | |
download | FreeBSD-src-d12c09e5c2c1c5595f0443af57acdfd55e1b2405.zip FreeBSD-src-d12c09e5c2c1c5595f0443af57acdfd55e1b2405.tar.gz |
Fix MAILTO hole by passing -t to sendmail
Submitted by: Mike Pritchard <pritc003@maroon.tc.umn.edu>
Diffstat (limited to 'usr.sbin/cron')
-rw-r--r-- | usr.sbin/cron/cron/config.h | 5 | ||||
-rw-r--r-- | usr.sbin/cron/cron/do_command.c | 33 |
2 files changed, 5 insertions, 33 deletions
diff --git a/usr.sbin/cron/cron/config.h b/usr.sbin/cron/cron/config.h index 97daadd..eeae83a 100644 --- a/usr.sbin/cron/cron/config.h +++ b/usr.sbin/cron/cron/config.h @@ -17,7 +17,7 @@ /* config.h - configurables for Vixie Cron * - * $Id: config.h,v 1.1.1.1 1994/08/27 13:43:04 jkh Exp $ + * $Id: config.h,v 1.2 1995/04/12 19:28:30 ache Exp $ */ #if !defined(_PATH_SENDMAIL) @@ -42,10 +42,11 @@ */ #define MAILCMD _PATH_SENDMAIL /*-*/ -#define MAILARGS "%s -FCronDaemon -odi -oem %s" /*-*/ +#define MAILARGS "%s -FCronDaemon -odi -oem -t" /*-*/ /* -Fx = set full-name of sender * -odi = Option Deliverymode Interactive * -oem = Option Errors Mailedtosender + * -t = read recipients from header of message */ /* #define MAILCMD "/bin/mail" /*-*/ diff --git a/usr.sbin/cron/cron/do_command.c b/usr.sbin/cron/cron/do_command.c index a613b7f..8439db9 100644 --- a/usr.sbin/cron/cron/do_command.c +++ b/usr.sbin/cron/cron/do_command.c @@ -16,7 +16,7 @@ */ #if !defined(lint) && !defined(LINT) -static char rcsid[] = "$Id: do_command.c,v 1.2 1995/04/12 18:57:37 ache Exp $"; +static char rcsid[] = "$Id: do_command.c,v 1.3 1995/04/13 20:58:13 ache Exp $"; #endif @@ -94,35 +94,6 @@ child_process(e, u) */ usernm = env_get("LOGNAME", e->envp); mailto = env_get("MAILTO", e->envp); - if (mailto != NULL && *mailto) { - char *head, *next; - int address_found = 0; - - head = mailto; - while (isspace(*head)) - head++; - for ( ; (next = strpbrk(head, " \t")) != NULL; head = next) { - next++; - while (isspace(*next)) - next++; - address_found = 1; - if (*head == '-') { - mailto = NULL; - break; - } - } - if (mailto != NULL && *head) { - address_found = 1; - if (*head == '-') - mailto = NULL; - } - if (!address_found) - mailto = ""; - if (mailto == NULL) { - log_it("CRON",getpid(), usernm, "attempts to crack"); - exit(ERROR_EXIT); - } - } #ifdef USE_SIGCHLD /* our parent is watching for our death by catching SIGCHLD. we @@ -396,7 +367,7 @@ child_process(e, u) (void) gethostname(hostname, MAXHOSTNAMELEN); (void) sprintf(mailcmd, MAILARGS, - MAILCMD, mailto); + MAILCMD); if (!(mail = cron_popen(mailcmd, "w"))) { perror(MAILCMD); (void) _exit(ERROR_EXIT); |