postfix-users October 2010 archive

Is there potential OS command injection attack in forwarding e-mail to command?

From: Kousuke Ebihara <kousuke_at_nospam>
Date: Fri Oct 22 2010 - 09:32:04 GMT
To: postfix-users@postfix.org

Hi,

I have a question about an OS command injection attack when forwarding
e-mail to a command.

The Postfix alias database allows the following configuration. It forwards
e-mail to the specified command:

alias: |/path/to/command

I think Postfix executes the following command (my guess...):

echo $e_mail | /path/to/command

But e-mail is a kind of user-inputted value. So I'm worried that
Postfix might execute commands in the content of an e-mail.

Of course I believe Postfix doesn't execute commands from a user-inputted
value. But I couldn't find any evidence...

-- Kousuke Ebihara
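
The distinction the question turns on, as an added example that is not part of the original post and is not Postfix's code: message text is only dangerous when it becomes part of a command string that a shell parses, not when it is supplied as data on the command's standard input. Assumptions: `cat` stands in for /path/to/command, the function names are hypothetical, and the message is constructed sample input.

```shell
#!/bin/sh
# Three ways a delivery agent could hand a message to a command.
# `cat` stands in for /path/to/command (assumption for this example).

# Constructed message text containing shell command-substitution syntax.
MSG='Subject: hi $(echo INJECTED)'

# 1. Unsafe: the message is pasted into a command string, then a shell
#    parses that string, so $(...) inside the message is executed.
deliver_by_string() {
    sh -c "echo $1 | cat"
}

# 2. The form guessed in the post: the message sits in a shell variable.
#    The result of a variable expansion is not re-parsed as shell code,
#    so $(...) stays literal. Left unquoted it would still be word-split
#    and glob-expanded, which can alter the message.
deliver_by_variable() {
    e_mail=$1
    echo $e_mail | cat
}

# 3. Message is data only: written to the command's standard input and
#    never placed on a command line.
deliver_by_stdin() {
    printf '%s\n' "$1" | cat
}

# Run one delivery function and report whether the message arrived unchanged.
check() {
    out=$("$1" "$MSG")
    if [ "$out" = "$MSG" ]; then
        echo "$1: delivered literally"
    else
        echo "$1: interpreted by a shell -> $out"
    fi
}

check deliver_by_string
check deliver_by_variable
check deliver_by_stdin
```

The aliases(5) manual describes the `|command` destination as "Mail is piped into command", which corresponds to the third form: the command line comes from the administrator's alias file and the message arrives on standard input.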