From a91c721fad28eb27c136aceb3e3ad0f13df0963e Mon Sep 17 00:00:00 2001 From: pdmef Date: Thu, 18 Aug 2005 14:30:21 +0000 Subject: [PATCH] From: Will Maier Rocco Rutte: - improve mailcap's security section (crosslinks still to come) git-svn-id: svn://svn.berlios.de/mutt-ng/trunk@409 e385b8ad-14ed-0310-8656-cc95a2468c6d --- doc/manual.sgml.head | 33 ++++++++++++++++++--------------- doc/manual.txt | 28 +++++++++++++++------------- 2 files changed, 33 insertions(+), 28 deletions(-) diff --git a/doc/manual.sgml.head b/doc/manual.sgml.head index eace2af..df0ba2e 100644 --- a/doc/manual.sgml.head +++ b/doc/manual.sgml.head 
@@ -4409,26 +4409,29 @@ mailto:joe@host?Attach=~/.gnupg/secring.gpg 1524. Mutt-ng can be set up to - variable for details.) These utilities may have security issues - like overriding arbitrary files, contain exploitable bugs or just - leak information which is a bad in combination with running them - without prompting. When using mutt-ng's autoview mechanism - involing use of mailcap files, please make sure that + variable for details.) + + These utilities may have a variety of security vulnerabilities, + including overwriting of arbitrary files, information leaks or + other exploitable bugs. These vulnerabilities may go unnoticed by + the user, especially when they are called automatically (and + without interactive prompting) from the mailcap file(s). When + using mutt-ng's autoview mechanism in combination with mailcap + files, please be sure to... - you manually select trustworthy applications with a - reasonable calling sequence + manually select trustworth applications with a reasonable + calling sequence - you check the contents of mailcap files from time to time - (for example after doing software installations/upgrades) + periodically check the contents of mailcap files, + especially after software installations or upgrades - you, if you're the system's operator, always keep the - software packages involved up-to-date + keep the software packages referenced in the mailcap file up to date - you never ever change the default value of the - variable + leave the variable in its default + state to restrict mailcap expandos to a safe set of characters @@ -4462,7 +4465,7 @@ mailbox. However, it is possible to read other mailboxes and to send messages from the command line as well. --A expand an alias +-A expand an alias -a attach a file to a message -b specify a blind carbon-copy (BCC) address -c specify a carbon-copy (Cc) address diff --git a/doc/manual.txt b/doc/manual.txt index 5a04f7a..0c263a3 100644 --- a/doc/manual.txt +++ b/doc/manual.txt 
@@ -3970,25 +3970,27 @@ One of these is the mailcap mechanism as defined by RfC 1524. Mutt-ng can be set up to _a_u_t_o_m_a_t_i_c_a_l_l_y execute any given utility as listed in one of the mail- cap files (see the _$_m_a_i_l_c_a_p___p_a_t_h (section 7.4.116 , page 114) variable for - details.) These utilities may have security issues like overriding arbitrary - files, contain exploitable bugs or just leak information which is a bad in com- - bination with running them without prompting. When using mutt-ng's autoview + details.) + + These utilities may have a variety of security vulnerabilities, including The Mutt Next Generation E-Mail Client 79 - mechanism involing use of mailcap files, please make sure that + overwriting of arbitrary files, information leaks or other exploitable bugs. + These vulnerabilities may go unnoticed by the user, especially when they are + called automatically (and without interactive prompting) from the mailcap + file(s). When using mutt-ng's autoview mechanism in combination with mailcap + files, please be sure to... - +o you manually select trustworthy applications with a reasonable calling - sequence + +o manually select trustworth applications with a reasonable calling sequence - +o you check the contents of mailcap files from time to time (for example - after doing software installations/upgrades) + +o periodically check the contents of mailcap files, especially after soft- + ware installations or upgrades - +o you, if you're the system's operator, always keep the software packages - involved up-to-date + +o keep the software packages referenced in the mailcap file up to date - +o you never ever change the default value of the _$_m_a_i_l_c_a_p___s_a_n_i_t_i_z_e (section - 7.4.117 , page 115) variable + +o leave the _$_m_a_i_l_c_a_p___s_a_n_i_t_i_z_e (section 7.4.117 , page 115) variable in its + default state to restrict mailcap expandos to a safe set of characters _6_._4_._2 _O_t_h_e_r 
@@ -4013,7 +4015,7 @@ The Mutt Next Generation E-Mail Client 80 - -A expand an alias + -A expand an alias -a attach a file to a message -b specify a blind carbon-copy (BCC) address -c specify a carbon-copy (Cc) address -- 2.20.1
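Review bot: the rewritten first bullet in the manual.sgml.head hunk (`manually select trustworth applications with a reasonable calling sequence`) introduces a typo; the line it replaces read `you manually select trustworthy applications`, so restore "trustworthy". Two smaller points in the same hunk: the new third bullet (`keep the software packages referenced in the mailcap file up to date`) drops the "if you're the system's operator" qualifier from the old text, which matters because an unprivileged user usually cannot update the packages a system-wide mailcap references; and the list intro now ends with "please be sure to..." where a colon would read more naturally before a bullet list.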
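Review bot: the `@@ -4462,7 +4465,7 @@` hunk in manual.sgml.head only changes whitespace in the `-A expand an alias` row of the command-line option table, which has nothing to do with the mailcap security section named in the commit message; either drop it from this change or mention it in the message so the diff stays focused on what it claims to do.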
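Review bot: the same "trustworth" typo is carried into the manual.txt hunk (`+o manually select trustworth applications with a reasonable calling sequence`), and the page-break header `The Mutt Next Generation E-Mail Client 79` now lands mid-sentence between `including` and `overwriting of arbitrary files, information leaks or other exploitable bugs.` Since manual.txt appears to be generated from the SGML source (the underscored `_$_m_a_i_l_c_a_p___s_a_n_i_t_i_z_e` and section/page references are formatter output), fix the typo in manual.sgml.head and regenerate rather than editing the text version by hand, and check the regenerated page break afterwards.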
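Review bot: the `@@ -4013,7 +4015,7 @@` hunk in manual.txt is the whitespace-only edit to the `-A expand an alias` row mirrored from the SGML source; it is unrelated to the mailcap section and should be split out or called out in the commit message together with its SGML counterpart.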