[rt-users] Web interface for clients
Smylers
smylers at gbdirect.co.uk
Thu Feb 28 04:23:55 EST 2002
Yesterday Bob Apthorpe wrote:
> Please bear with me if I seem overly ranty on this point:
You seemed quite constrained to me!
> DO NOT INSTALL formmail.pl ESPECIALLY ON A SYSTEM EXPOSED TO THE
> PUBLIC INTERNET - IT'S A MONSTROUSLY HUGE SECURITY RISK.
>
> See http://www.monkeys.com/anti-spam/formmail-advisory.ps for the
> security advisory; if you're running formmail.pl in any capacity,
> please replace it with the more secure version at
> ftp://ftp.monkeys.com/pub/formmail/1.9s/ or disable it as soon as
> possible.
For those who don't know, there's also the NMS project which provides
drop-in replacements for Matt's Script Archive scripts but without the
security problems. They have a formmail replacement available:
http://nms-cgi.sourceforge.net/
(Unfortunately they also have a very long homepage, with the table of
available scripts about halfway down it, and no anchors for direct
linking!)
Smylers
More information about the rt-users
mailing list