.wmf vulnerability

[Ken A]

    [ The following text is in the "ISO-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

Kevin,
Thank you. I didn't realize the allow rules worked that way, though I 
should have! .. more coffee!
Ken


Kevin Miller wrote:
> Ken A wrote:
> 
>> Thanks Wess, I do understand that, but what I'm wondering about is the
>> strings returned by the file command are based on
>> /usr/share/file/magic, which reports things like perl and shell
>> scripts as executable - so they are blocked in the default
>> filetype.rules.conf. I don't want to treat them the same as a windows
>> metafile hiding as some innocent .txt file. 
>>
>> Does anyone has a real world filetype.rules.conf file that is a bit
>> more permissive than the default, but still catches the windows junk.
> 
> In my (default) filetype.rules.conf the first four lines are:
> 
> allow   text            -                       -
> allow   script          -                       -
> allow   archive         -                       -
> allow   postscript      -                       -
> 
> The second should allow perl and shell scripts through.  I just sent
> myself a bash script, and a .pl file and they came through just fine.
> 
> HTH...
> 
> ...Kevin

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!