User: Password:
Subscribe / Log in / New account

Trusting user-supplied data...

Trusting user-supplied data...

Posted May 5, 2014 22:19 UTC (Mon) by anguslees (subscriber, #7131)
In reply to: Trusting user-supplied data... by rsidd
Parent article: A preview of HyperKitty's reimagined mailing list interface

... So if the archive discards later duplicates (rather than overwrites earlier entries), have we addressed this issue? (Are there muas with predictable message ids that are worth attacking in this way?)

(Log in to post comments)

Trusting user-supplied data...

Posted May 5, 2014 22:22 UTC (Mon) by dlang (subscriber, #313) [Link]

I don't know specific names, but given the horrific problems I've seen in this area, I'd bet that there are MUAs that do have predictable message IDs

worth attacking? that depends who uses them.

Trusting user-supplied data...

Posted Jan 13, 2018 14:40 UTC (Sat) by cjwatson (subscriber, #7322) [Link]

Looking at the code, it seems reasonably clear that HyperKitty will discard later duplicates.

Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds