Dear Jonathan, what is the right message to feed back to the user?
Warning ?
+---------+
| Warning | ?
+---------+
+-----------------------------------------+
| +-------------------------------------+ |
| | POOR MISGUIDED, YOU MADE AN ERROR ! | | ?
| +-------------------------------------+ |
+-----------------------------------------+
All in all, if the user does not want to read feedback messages, I
ignore how to tell them the proper way.
About the exit status with -n: if one runs `crontab -n`, one expects
somme feedback message, because nothing else is going to happen. The
exit status is just an integer, far less expressive than a warning which
points out some defect. Do you always check "$?" when you get an error
or a warning message?
Jonathan H N Chin a écrit :
> Hi, I just received the new package and tried it. Thanks.
>
> It detects unacceptable MAILTO/MAILFROM, but because unacceptable
> values will cause an error later, issuing only a warning feels
> inadequate to me.
>
> For usability, perhaps it would be better to use check_error().
> Currently, warnings could be missed since the exit status with
> `-n` is still 0.
>
> Something like:
>
> case TRUE:
> /* here MAILTO and MAILFROM are checked */
> if (
> strncmp(envstr, "MAILTO=", 7) == 0 ||
> strncmp(envstr, "MAILFROM=", 9) == 0
> ){
> if (! safe_p("", strstr(envstr,"=")+1)){
> check_error("unsafe mail");
> }
> }
> break;
>
>
>
> The current safe_p() implementation may cause a syslog entry to be
> generated with no associated username when called here, which feels
> slightly wrong to me. It could be confusing to someone auditing logs
> to see spurious "() UNSAFE MAIL" messages when `-n` is used.
>
>
>
> -jonathan
--
Georges KHAZNADAR et Jocelyne FOURNIER
22 rue des mouettes, 59240 Dunkerque France.
Téléphone +33 (0)3 28 29 17 70
signature.asc
Description: PGP signature
