>>>>> "C" == Chris Morris <chrismo / clabs.org> writes:

C> Can you elaborate on what this addition will do? I frequently use 
C> smtp.sendmail with multiple 'to' addresses.

Tue Jul 29 16:38:44 2003  Yukihiro Matsumoto  <matz / ruby-lang.org>

        * lib/net/smtp.rb (Net::SMTP::send0): add taint check.


svg% cat b.rb
#!/usr/bin/ruby -T1
require 'net/smtp'
Net::SMTP.start('localhost', 25) {|smtp|
   smtp.sendmail('message', 'ts', ARGV)
}
svg% 

svg% b.rb ts
/usr/local/lib/ruby/1.8/net/smtp.rb:495:in `send0': tainted to_addr (SecurityError)
        from /usr/local/lib/ruby/1.8/net/smtp.rb:494:in `each'
        from /usr/local/lib/ruby/1.8/net/smtp.rb:494:in `send0'
        from /usr/local/lib/ruby/1.8/net/smtp.rb:472:in `sendmail'
        from ./b.rb:4
        from ./b.rb:3:in `start'
        from /usr/local/lib/ruby/1.8/net/smtp.rb:408:in `start'
        from ./b.rb:3
svg% 



Guy Decoux