Marty Landman <[EMAIL PROTECTED]> writes:

>>* Hardcode multiple addresses in the script, and have a token in the
>> form specify which address to mail to. For example, if the form
>> says address=FOO, you look up $addresses[FOO] to get
>> "[EMAIL PROTECTED]".
> What's the advantage here? Security through obscurity?

The reason formmail became so popular was that you could use one form on
the server from different pages sending to different people. Specifying a
token in the form which maps to an address in the script allows this.
It's not security through obscurity, it's security. Someone from the
outside can only use the script to send emails to the addresses that are
specified in the script -- no others.

>>* Just discontinue the script, and have people use formmail. That
>> way, the security burden is on someone else
>
> Heh, you think the situation's really that bad, huh, Alan?

Google for formmail security and look at the insane list of problems, and
the list of programs which have sprung up to try to fix the problems. Why
add another to the list?

> BTW, how do server side ENV vars get spoofed?

$ENV{HTTP_REFERER} is set by the HTTP server to be the value the client
specifies in the Referer: header. The client is able to send no value, or
any arbitrary value. So it's just like the user agent: not to be trusted.

--
Alan Shutko <[EMAIL PROTECTED]> - I am the rocks.
Don't follow in my footsteps. I think I stepped in something.
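The two points Alan makes above, the token-to-address table that keeps outsiders from choosing a recipient, and the Referer header that the client controls, as an added illustration. This is not code from the thread, from Marty's script or from formmail; the thread concerns a Perl CGI script, and this is the same design in Python. The tokens, addresses, hostnames and function names are constructed for the example.

```python
"""Recipient allow-listing for a form-to-mail handler.

Added illustration, not code from the thread or from formmail.  The thread
is about a Perl CGI script; this is the same idea in Python.  The tokens,
addresses and hostnames below are constructed for the example.
"""

from email.message import EmailMessage
from typing import Mapping, Optional
from urllib.parse import urlsplit

# The script's own table: the form may name a token, never an address.
ADDRESSES: Mapping[str, str] = {
    "sales": "sales@example.com",
    "support": "support@example.com",
}


def pick_recipient_unsafe(form: Mapping[str, str]) -> Optional[str]:
    """formmail-style: deliver to whatever address the form supplies.

    Anyone who can POST to the script chooses the destination, so the
    script becomes a mail relay for outsiders.
    """
    return form.get("recipient")


def pick_recipient(form: Mapping[str, str]) -> Optional[str]:
    """The thread's alternative: look the submitted token up in ADDRESSES.

    Unknown tokens (including anything that looks like an address) map to
    None, so mail can only reach addresses hardcoded in the script.
    """
    return ADDRESSES.get(form.get("address", ""))


def referer_is_local(env: Mapping[str, str],
                     allowed_hosts=("www.example.com",)) -> bool:
    """The Referer check many form-mailers rely on.

    HTTP_REFERER is copied by the server from the client's Referer: header,
    which the client may omit or set to anything, so a pass proves nothing.
    """
    host = urlsplit(env.get("HTTP_REFERER", "")).hostname or ""
    return host in allowed_hosts


def build_message(form: Mapping[str, str], env: Mapping[str, str],
                  sender: str = "webform@example.com") -> EmailMessage:
    """Build the outgoing mail; refuses unknown recipient tokens."""
    to = pick_recipient(form)
    if to is None:
        raise ValueError("unknown recipient token")
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = to
    msg["Subject"] = "Web form submission"
    lines = [f"{k}: {v}" for k, v in form.items() if k != "address"]
    # Record the Referer as information only; it is client-supplied.
    lines.append("Referer (client-supplied, unverified): "
                 + env.get("HTTP_REFERER", ""))
    msg.set_content("\n".join(lines))
    return msg


if __name__ == "__main__":
    # A submission from the site's own page.
    legit_env = {"HTTP_REFERER": "http://www.example.com/contact.html"}
    print(build_message({"address": "sales", "name": "Ann"}, legit_env))

    # An outsider's forged request: the Referer header is whatever they
    # send, so the referer check passes, but the token lookup still fails.
    forged_env = {"HTTP_REFERER": "http://www.example.com/contact.html"}
    print("referer check passes:", referer_is_local(forged_env))
    print("unsafe design relays to:",
          pick_recipient_unsafe({"recipient": "victim@elsewhere.example"}))
    print("token design resolves to:",
          pick_recipient({"address": "victim@elsewhere.example"}))
```

The point of the contrast is that the forged request passes referer_is_local() and would be delivered by pick_recipient_unsafe(), whereas pick_recipient() only ever returns an address that was already in the script's table.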