On Wed, Apr 24, 2013 at 02:45:23AM +0200, Vincent Lefevre wrote: > On 2013-04-23 19:13:54 -0500, Derek Martin wrote: > > On Tue, Apr 23, 2013 at 11:58:05PM +0200, Vincent Lefevre wrote: > > > If the goal is to create a temporary file to view an attachment, the > > > contents of the attachment (and/or the mail itself) can be used as a > > > source of random data. I suppose that the attacker isn't the one who > > > sent the mail in question and the mailbox isn't public. > > > > You can't suppose that. :) The message may very well be one that > > was sent by the attacker, specifically to get the user to fall into > > his trap. > > If the attacker doesn't want the user to read his attachments, I don't > see the point of sending him a mail in the first place. :)
Cute, but DoS is not the only vector as you well know. Using the message store or any part of the message store is not a workable solution. It's (in general) data from an untrusted source and must be treated as such. In particular, untrusted data must not be used as a source of input of any sort for functions used to secure the system. Doing so creates a potential attack vector. -- Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0xDFBEAD02 -=-=-=-=- This message is posted from an invalid address. Replying to it will result in undeliverable mail due to spam prevention. Sorry for the inconvenience.
pgpsGEVE533C7.pgp
Description: PGP signature
