[Dovecot] Developing new Dspam Plugin
Johannes Berg
johannes at sipsolutions.net
Wed Jun 28 19:16:08 EEST 2006
Hi,
> Ok, I've now fixed this, by initialising a SQL connection once, and
> then using SQL ping to check if it's alive, and if it's not the give
> an error (I'll try and make it disconnect and reconnect later).
You really want the latter since imap connections will stay open, and
the workaround would require closing the connection which could be quite
expensive for the client (evolution for example synchronizes completely
then)
> I just realised that it may be possible to exploit the snprintf and
> send strange commands to the server, for this reason, the user that
> the plugin uses, should only be able to run the 2 procedure's. I have
> no idea how to make this secure, or if it is secure or not. Any ideas?
> (e.g. snprintf(query, 20+MAXSIGLEN, "CALL SPAM(\"%s\")", signature);
> If someone modifies the header, as long as it's within the MAXSIGLEN
> then they can effect the query?)
Yeah, good point. But luckily dspam signatures are fairly good in that
they'll always match the re "^[A-Za-z0-9,]*$" so you can check against
that... Indeed, I think it always consists of only numbers and the
optional userid separated off with a comma, but above RE should work
always. So just check that each character is alphanumeric or a comma and
return an error otherwise.
johannes
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 793 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20060628/4513ea39/attachment.pgp
More information about the dovecot
mailing list