[horde] To: and From: formatting problem
Chris
bsd at 1command.com
Wed Mar 1 08:37:13 PST 2006
Greetings and thank you for your reply.
The previous version didn't do this. It would appear that this could
easily be a security risk - even greater than that of the last version.
As it isn't properly handling input on the To: and/ or From:. It shouldn't
be possible to place potential operators on these lines. As it provides
the ability to create scripts that can cause undesired manipulation.
These lines should only provide the Name(s) of the person(s) sending or
recieving eMail.
Thanks again.
--Chris
Quoting Michael M Slusarz <slusarz at horde.org>:
> Quoting Vilius Šumskas <vilius at lnk.lt>:
>
>> Chris <bsd at 1command.com> rašė:
>>
>>> Greetings,
>>> Because of the security issues with the previous version(s).
>>> I recently upgraded Horde and friends to v.3.09 from 3.x.
>>> I am now experiencing problems when sending eMail. In the
>>> From colmn, it shows To:<who I sent it to> *instesd* of who
>>> (me in this case) sent it. It *does* properly show who sent
>>> mail to me for all others who sent me eMail. It only shows incorrectly
>>> if the eMail was from myself. Has anyone else experienced this?
>>
>> Yes. I see it all the time.
>
> This is the expected, correct behavior.
>
> michael
>
> ___________________________________
> Michael Slusarz [slusarz at horde.org]
> --
> Horde mailing list - Join the hunt: http://horde.org/bounties/#horde
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: horde-unsubscribe at lists.horde.org
>
>
----------------------------------------------------------------
FreeBSD 5.5-PRERELEASE MAIL04 Fri Feb 24 16:59:38 PST 2006
////////////////////////////////////////////////////////////////
More information about the horde
mailing list