Create a malicious directory

Reto reto at labrat.space
Mon May 20 15:50:13 EEST 2019


How is that dangerous?
If you pipe output from a directory listing to *any* command you need to sanitize it.

That's normal if you have data that can be created by a user. The issue is known since the very beginning of Linux


More information about the dovecot mailing list