4.51.4: security concerns, TNEF question

Joshua Hirsh joshua.hirsh at partnersolutions.ca
Wed Mar 1 18:06:55 GMT 2006

> Harrumph.  I would recommend replacing this with an unlink()
> call instead (use -U for directory, or unlink() and rmdir()). 
> It would save the cost of a fork() and exec() to create a subshell. 
> Security-wise, I also get nervous when I do not see a full pathname 
> for "rm" in code that runs as root.

Hi Jeff,

 Although I do agree with you over the use of unlink compared to forking to rm, the PATH is already sanitized by MailScanner. In the main program, you'll find this line:


 So the path to rm is indeed sanitized. I'm not sure if this is being done for the AV helper scripts though.


More information about the MailScanner mailing list