clash with other binutils ports for different targets, and are not
needed to be installed at all.
PR: ports/27347 (although with a different approach than suggested)
v2.108 Released May 07, 2001 17:10 (PST)
- try to avoid deadlock in LogBounces() by setting a timeout on
the OpenDB() call
- add config parameter "umask"
[suggested by gshapiro@gshapiro.net]
- don't set Reply-To: header in NewPending()
[suggested by gshapiro@gshapiro.net]
- "mailqueue" is now restricted by the "memberlist" command
[suggested by gshapiro@gshapiro.net]
- make use of the "domain" setting on preselected lists using the
mail interface
[requested by gshapiro@gshapiro.net]
- trim spaces off of possible signature terminators in
IdentifyMessage()
[suggested by gshapiro@gshapiro.net]
- LIBMSK: reimplement Absolute()
The following resulted from a code audit by Greg Shapiro of
Sendmail, Inc. <gshapiro@gshapiro.net>, whose help is greatly
appreciated:
- SECURITY: shed privileges when -C is used on the command line
- SECURITY: add a popen() wrapper to shed privileges when the command
being executed isn't sendmail
- SECURITY: bounce requests or mail referring to addresses containing
bogus characters, to prevent remote attacks
- SECURITY: add some boundary checking in a few places I'd missed
- SECURITY: be paranoid and call sendmail with "--" before
arguments provided remotely to prevent remote attacks
- SECURITY: verify access permissions with lm_access() to prevent
unauthorized file giveaways and overwrites
- SECURITY: be pedantic about list names to prevent nasty operations
- SECURITY: add and begin using lm_safefopen()
* Portlint and clean up some style bugs
* Replace a hand-rolled configure script with pre/post-configure and
GNU_CONFIGURE (side-effect is to respect CC and CFLAGS in the build
instead of using -O2)
* respect the value of INSTALL_SCRIPT so the installation doesn't bomb out
when we pass in INSTALL_PROGRAM as well
* allow automatic packaging (the MANUAL_PACKAGE_BUILD) seems to be a hold-
over from several years ago before package builds were done separately.
Approved by: jmz (maintainer)