and <a href="http://www.movabletype.org/news/2003_11.shtml">here's the official MT announcement</a>.
i'd like to quickly point out that the fix, which basically consists of adding:
<pre>
die "Invalid from or to value"
if $to =~ /[\r\n,]/ || $from =~ /[\r\n,]/;
</pre>
while it may be effective, is the wrong approach to writing secure code. here they are explicitly looking for a few characters known to be troublesome (carriage return, newline and comma, the characters that would let an attacker append headers or extra recipients to the message) and rejecting input that contains them. the proper approach when dealing with untrusted input is to carefully define exactly what legal input looks like and accept only that; anything else is rejected, whether or not anyone has yet thought of a way to abuse it. this is one of the most basic (and, apparently, most frequently ignored) concepts in computer security. it is the fundamental idea behind perl's <a href="http://www.perldoc.com/perl5.6/pod/perlsec.html">taint mode</a>, which refuses to let tainted data reach the outside world until it has been explicitly matched against a pattern describing what is acceptable, and not following it is the cause of countless vulnerabilities.
a more correct solution would have been for them to use <a href="http://search.cpan.org/~abigail/RFC_RFC822_Address-1.5/Address.pm">RFC::RFC822::Address</a> or something similar to ensure that the addresses entered are valid.
anders pearson - 2003-11-26 15:16:19
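to make the difference concrete, here is an added example (mine, not code from Movable Type or from the fix above) that runs the same inputs through both styles of check: the blacklist from the patch and an allowlist that describes what an address looks like and accepts only that. the allowlist regex is a deliberately simplified, conservative one (no quoted local parts, comments or address literals), not a full RFC 822 grammar; in real code the module linked above, or something similar, would take its place. the sample inputs are constructed for the demonstration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Constructed inputs: a normal address, an attempt to smuggle an extra
# header after a CRLF, a second recipient after a comma, and a string
# that contains none of the blacklisted characters but is not an address.
my @inputs = (
    'alice@example.com',
    "alice\@example.com\r\nBcc: someone-else\@example.org",
    'alice@example.com, bob@example.com',
    'not an address at all',
);

# The blacklist approach, as in the MT fix: reject a few known-bad
# characters and let everything else through.
sub blacklist_ok {
    my ($addr) = @_;
    return $addr !~ /[\r\n,]/;
}

# The allowlist approach: say what a legal address looks like and accept
# only that. Anchored at both ends so nothing can ride along before or
# after the part we matched. Returning the capture (rather than the input)
# is the perlsec idiom: under -T, $1 is the untainted copy and the original
# string stays tainted.
sub allowlist_untaint {
    my ($addr) = @_;
    if ($addr =~ /\A([A-Za-z0-9._%+-]+\@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+)\z/) {
        return $1;
    }
    return undef;
}

for my $in (@inputs) {
    # Make CR and LF visible in the printed table.
    (my $shown = $in) =~ s/([\r\n])/sprintf('\\x%02x', ord $1)/ge;
    printf "%-58s blacklist=%-6s allowlist=%s\n",
        $shown,
        blacklist_ok($in)                 ? 'pass' : 'reject',
        defined allowlist_untaint($in)    ? 'pass' : 'reject';
}
```

the first input passes both checks and the CRLF and comma inputs fail both, so on the cases the patch author had in mind the two approaches agree. the last input is the point: it sails through the blacklist because nobody listed its characters as dangerous, and is rejected by the allowlist because it was never described as legal. run it with <code>perl -T</code> and only the value returned from the capture in <code>allowlist_untaint</code> is clean enough to hand to a sendmail pipe; the blacklist check leaves its input tainted, which is perl's way of saying it has not been validated.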