>Number:         3286
>Category:       bin
>Synopsis:       sendmail needs 'E' flag for 'Mlocal' and should set uid
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people (Utility Bug People)
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Mon Mar  3 11:50:01 1997
>Last-Modified:
>Originator:     
>Organization:
The cost of living hasn't affected its popularity. (Mark Twain)
current	release=doc host=netbsd.wifo.uni-mannheim.de \ "NetBSD-current mirror"
hostbase=/mit/ftp/pub/NetBSD base=/usr prefix=/usr backup delete use-rel-suffix
>Release:        1.3.97
>Environment:
	
System: NetBSD wipux2.wifo.uni-mannheim.de 1.2C NetBSD 1.2C (WIPOOL) #1: Sat Mar 1 14:01:09 MET 1997 andrew@wipux2.wifo.uni-mannheim.de:/src/src/sys/arch/i386/compile/WIPOOL i386


>Description:
	When sendmail receives a mail that contains lines 
	beginning with 'From' it does not escape them. 
	thx goes to der Mouse for finding the fix (an 'E' flag
	for LOCAL_MAILER_FLAGS in local.m4).

	When sendmail reads root's .forward file it uses uid
	daemon to execute it if it contains a pipe.
>How-To-Repeat:
	forward this (without your local mailer changing it) to
	yourself and receive to messages (one which has the line
	'Forwarded message' and one with the message ;-)

	put '"|cat >/tmp/foobar"' in your .forward file
	
>Fix:
for 'E' flag:
--- local.m4.old	Sun Mar  2 22:07:37 1997
+++ local.m4	Sun Mar  2 22:23:11 1997
@@ -32,7 +32,7 @@
 # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 # SUCH DAMAGE.
 #
-ifdef(`LOCAL_MAILER_FLAGS',, `define(`LOCAL_MAILER_FLAGS', `rmn9')')
+ifdef(`LOCAL_MAILER_FLAGS',, `define(`LOCAL_MAILER_FLAGS', `Ermn9')')
 ifdef(`LOCAL_MAILER_PATH',, `define(`LOCAL_MAILER_PATH', /bin/mail)')
 ifdef(`LOCAL_MAILER_ARGS',, `define(`LOCAL_MAILER_ARGS', `mail -d $u')')
 ifdef(`LOCAL_SHELL_FLAGS',, `define(`LOCAL_SHELL_FLAGS', `eu9')')
	

for 'daemon uid' 
unknown
>Audit-Trail:
>Unformatted: