Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!wuarchive!uunet!world!geoff
From: geoff@world.std.com (Geoff Collyer)
Newsgroups: news.software.b
Subject: Re: unsafe control articles (reposting)
Message-ID: <1991May2.172924.6034@world.std.com>
Date: 2 May 91 17:29:24 GMT
References: <1991Apr28.175618.8934@unixland.uucp>
Organization: Software Tool & Die Netnews Research Center
Lines: 18

[ Hoist by me own petard!  The date on world was a month in the future
when I posted the original of this message, so some sites will have
rejected the original.  Yes, we probably should be running xntpd. ]

Bill Heiser:
>Lately I've seen numerous "control message looks unsafe to execute"
>messages.  Have other people seen these?  What is it that they're
>detecting?  Is someone "really" trying to do something bad?

"control `foo' looks unsafe to execute" means that `foo' contains a shell
metacharacter or a slash.  It could be due to an error constructing the
control message or it could a real attempt to do something nasty; likely
the former.  In the latter case, the potential damage is somewhat limited
anyway since control messages run under your `news' userid.

Eventually these complaints will be demoted to just a log file entry.
-- 
Geoff Collyer		world.std.com!geoff, uunet.uu.net!geoff