[minion-cvs] Fix a security hole in minionSMTP.py.
Update of /home/minion/cvsroot/src/minion/etc
In directory moria.mit.edu:/tmp/cvs-serv7092
Modified Files:
minionSMTP.py
Log Message:
Fix a security hole in minionSMTP.py.
Guess what happened when you sent an email with
Subject: \"; rm -rf /something/important ;echo \"
?
Fortunately, Python's popen2 module doesn't have the same limitation as
os.system or libc's popen(3): we can just pass it a list of arguments,
and all is well.
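The difference the log message describes, shown side by side as an added example (this is not code from the Mixminion project): the revision 1.1 pattern splices the Subject header into one shell string, the revision 1.2 pattern builds an argv list. `echo` stands in for `mixminion`, a harmless `echo INJECTED` stands in for `rm -rf /something/important`, and the `run_*`/`injected` helpers and the `NICKNAME`/`SUBJECT` sample values are assumptions chosen so the effect is visible offline. It is Python 3, where `os.popen2` is gone and `subprocess` is the equivalent: a string with `shell=True` behaves like `os.system`/`os.popen2(str)`, a list without a shell behaves like `os.popen2(list)`. The vulnerable path needs a POSIX `/bin/sh`.

```python
"""Shell-metacharacter injection via a string-built command, and the argv fix."""
import shlex
import subprocess

# Constructed sample input: the Subject header from the commit message, with
# `echo INJECTED` standing in for the destructive command.
NICKNAME = 'anon'
SUBJECT = '"; echo INJECTED ;echo "'


def build_shell_string(nickname, subject):
    """Vulnerable pattern (revision 1.1): untrusted text spliced into one shell string."""
    cmd = 'echo send'
    if nickname != '':
        cmd += ' --from="' + nickname + '"'
    if subject != '':
        cmd += ' --subject="' + subject + '"'
    return cmd


def build_argv(nickname, subject):
    """Fixed pattern (revision 1.2): one list element per argument, no shell involved."""
    cmd = ['echo', 'send']
    if nickname != '':
        cmd.append('--from=%s' % nickname)
    if subject != '':
        # Binding the value to its option with '=' also stops a value that
        # starts with '-' from being parsed by the child as a separate option.
        cmd.append('--subject=%s' % subject)
    return cmd


def build_quoted_shell_string(nickname, subject):
    """If a shell string is unavoidable, shlex.quote every untrusted token."""
    cmd = 'echo send'
    if nickname != '':
        cmd += ' ' + shlex.quote('--from=' + nickname)
    if subject != '':
        cmd += ' ' + shlex.quote('--subject=' + subject)
    return cmd


def run_shell(cmd_string):
    """Run the way os.system/os.popen2(str) did: /bin/sh -c parses the string."""
    out = subprocess.run(cmd_string, shell=True, capture_output=True, text=True)
    return out.stdout.splitlines()


def run_argv(argv):
    """Run the way os.popen2(list) did: execve directly, nothing re-parses the arguments."""
    out = subprocess.run(argv, capture_output=True, text=True)
    return out.stdout.splitlines()


def injected(lines):
    """True when the payload ran as its own command: INJECTED appears as a line by itself."""
    return any(line.strip() == 'INJECTED' for line in lines)


if __name__ == '__main__':
    for label, lines in (
        ('string + shell', run_shell(build_shell_string(NICKNAME, SUBJECT))),
        ('argv list', run_argv(build_argv(NICKNAME, SUBJECT))),
        ('quoted string + shell', run_shell(build_quoted_shell_string(NICKNAME, SUBJECT))),
    ):
        print('%-22s injected=%-5s %r' % (label, injected(lines), lines))
```

With the string form the shell sees three commands and runs all of them; with the argv form the whole Subject header reaches `echo` as a single argument and is printed back verbatim. `shlex.quote` gets the same result when a shell string cannot be avoided, but the argv list is the simpler guarantee because there is no parser left to escape for.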
Index: minionSMTP.py
===================================================================
RCS file: /home/minion/cvsroot/src/minion/etc/minionSMTP.py,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- minionSMTP.py 18 Jan 2004 08:11:15 -0000 1.1
+++ minionSMTP.py 18 Jan 2004 08:16:21 -0000 1.2
@@ -103,20 +103,20 @@
return "501 no text/plain body found"
# Base mixminion command
- cmd = 'mixminion send'
+ cmd = ['mixminion', 'send']
# Augment the command with a nickname
if nickname != '':
- cmd += ' --from=\"'+nickname+'\"'
+ cmd.append('--from=%s'%nickname)
if subject != '':
- cmd += ' --subject=\"'+subject+'\"'
+ cmd.append('--subject=%s'%subject)
for address in rcpttos:
# For each address it sends the message using mixminion.
- cmd += ' -t '+ address
- (sout,sin) = os.popen2(cmd)
- print cmd
+ cmdFull = cmd + ['-t', address]
+ (sout,sin) = os.popen2(cmdFull)
+ print cmdFull
print body
sout.write(body)
sout.close()
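Review bot: the names on `(sout,sin) = os.popen2(cmdFull)` are reversed. `os.popen2` returns `(child_stdin, child_stdout)`, so `sout` is the child's stdin; the code works only because the body is written to `sout`, and the naming will mislead the next reader, so something like `(child_in, child_out) = os.popen2(cmdFull)` is clearer. Two further points on the same lines: `print cmdFull` and `print body` write the full command (nickname and subject straight from the incoming mail) and the entire message body to stdout on every send, which is debug output that belongs behind a flag or removed; and in the visible lines the child's output is never read and its exit status never checked, so a failed `mixminion send` is indistinguishable from a successful one. On the plus side, building `cmdFull = cmd + ['-t', address]` fresh per recipient also fixes the old loop, where `cmd += ' -t '+ address` carried every earlier recipient into the next iteration's command.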