From owner-freebsd-security Tue Jul 28 21:00:21 1998
Return-Path:
Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id VAA01441 for freebsd-security-outgoing; Tue, 28 Jul 1998 21:00:21 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from notabene.zer0.org (sac-port55.jps.net [209.63.114.210]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id VAA01434 for ; Tue, 28 Jul 1998 21:00:18 -0700 (PDT) (envelope-from gsutter@n1.dyn.ml.org)
Received: (from gsutter@localhost) by notabene.zer0.org (8.8.7/8.8.8) id VAA14337; Tue, 28 Jul 1998 21:04:56 -0700 (PDT) (envelope-from gsutter)
Message-ID: <19980728210456.C12810@notabene.zer0.org>
Date: Tue, 28 Jul 1998 21:04:56 -0700
From: Gregory Sutter
To: Brett Glass , security@FreeBSD.ORG
Subject: Re: Any procmail experts here?
References: <199807290159.TAA26543@lariat.lariat.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.93.1i
In-Reply-To: <199807290159.TAA26543@lariat.lariat.org>; from Brett Glass on Tue, Jul 28, 1998 at 07:59:32PM -0600
Organization: Zer0
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Tue, Jul 28, 1998 at 07:59:32PM -0600, Brett Glass wrote:
> We have dozens of users who might get bit by the MIME filename buffer
> overflow bug described at
>
> http://www.sjmercury.com/business/microsoft/docs/security0728.htm
>
> and would like to try to use procmail to plug the hole (it seems to be the
> best tool for the job). However, I have no experience with procmail. Could
> someone help me write a procmail.rc that will eliminate the extra-long
> filenames, truncating them back to (say) 64 characters max? All that's
> required is to recognize the Content-type: .... filename="" header
> and make sure that is chopped if it's too long.
>
> This would be a fix for which thousands of sysadmins would be exceedingly
> grateful.

Brett,

I suggest you also make that request of the procmail mailing list, at
procmail@informatik.rwth-aachen.de (subscription requests to
procmail-request@...) There are some real procmail geniuses there.

Regards,

Greg
--
Gregory S. Sutter                 "How do I read this file?"
mailto:gsutter@pobox.com          "You uudecode it."
http://www.pobox.com/~gsutter/    "I I I decode it?"

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message
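
A filter doing what the quoted request describes, as an added example that is not part of either message: it clips over-long `name=` and `filename=` parameters in Content-Type and Content-Disposition fields to 64 bytes, including values that are folded across lines or missing their closing quote. The function names are constructed for illustration, and covering Content-Disposition is an assumption beyond the request, which names only Content-type.

```python
import re
import sys

LIMIT = 64  # maximum filename length, per the request quoted above
# Start of a MIME header field that can carry a filename parameter.
FIELD = re.compile(rb'(?i)^content-(?:type|disposition)\s*:')
# name= / filename= parameter: quoted (closing quote may be missing) or bare.
PARAM = re.compile(rb'(?i)\b((?:file)?name\s*=\s*)'
                   rb'(?:"((?:\\.|[^"\\])*)"?|([^\s;"]+))')


def _clip(m, limit):
    prefix, quoted, bare = m.group(1), m.group(2), m.group(3)
    value = quoted if quoted is not None else bare
    if len(value) <= limit:
        return m.group(0)                      # short enough: leave untouched
    value = value[:limit]
    if quoted is not None:
        # Do not leave a dangling backslash that would escape the closing quote.
        if (len(value) - len(value.rstrip(b'\\'))) % 2:
            value = value[:-1]
        return prefix + b'"' + value + b'"'
    return prefix + value


def truncate_filenames(raw, limit=LIMIT):
    """Return raw message bytes with over-long filename parameters clipped."""
    out, field = [], None
    for line in raw.splitlines(keepends=True) + [b'']:
        if field is not None and line[:1] in (b' ', b'\t'):
            field += line                      # folded continuation line
            continue
        if field is not None:
            # Unfold the field, clip its parameters, emit it as one line.
            eol = field[len(field.rstrip(b'\r\n')):]
            flat = re.sub(rb'\r?\n', b'', field)
            out.append(PARAM.sub(lambda m: _clip(m, limit), flat) + eol)
            field = None
        if FIELD.match(line):
            field = line
        else:
            out.append(line)
    return b''.join(out)


if __name__ == '__main__':
    sys.stdout.buffer.write(truncate_filenames(sys.stdin.buffer.read()))
```

Run as a script it reads a message on stdin and writes the cleaned message to stdout, so it can be called from a procmail filter recipe (flags `f` and `w`) that pipes the whole message through it. It also rewrites matching lines that appear inside MIME part headers in the body, which is where attachment filenames normally live.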