book home

CGI Programming with Perl

9.5. mailx and mail

mailx and mail are other popular options for sending email. Some people even argue that they are more secure than sendmail. It is true that because sendmail is such a large, complicated program, and because it runs as root, it has been the source of a number of security holes over the years. However, the notion that it is a less secure option in CGI scripts is a dubious one. One serious problem with mailx and mail is that they allow tilde escapes: any line in the body of the message beginning with ~! is executed as a command. Many versions do attempt to detect whether they are being run by a user on a terminal and disable tilde escapes otherwise, but this is a serious potential risk.

A second problem with mailx and mail is that they offer nothing comparable to sendmail 's -t option. Thus, if you want to use mail, for example, you must use the fork and exec trick we described in the last chapter:

open MAIL "|-" or exec( "/bin/mail", $email ) or      die "Cannot exec mail $!";

Finally, mailx and mail also lack the useful options we discussed with sendmail, such as overriding the sender.

9.4. sendmail9.6. Perl Mailers

Copyright © 2001 O'Reilly & Associates. All rights reserved.

CGI Programming with Perl
CGI Programming with Perl
ISBN: 1565924193
EAN: 2147483647
Year: 1999
Pages: 120

Similar book on Amazon

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net