-rw-r--r--Mailman/Handlers/Sendmail.py5
1 files changed, 5 insertions, 0 deletions
diff --git a/Mailman/Handlers/Sendmail.py b/Mailman/Handlers/Sendmail.py
index 6beebca9e..a417993b6 100644
--- a/Mailman/Handlers/Sendmail.py
+++ b/Mailman/Handlers/Sendmail.py
@@ -22,6 +22,11 @@ expected that sendmail handles final delivery, message queueing, etc. The
recipient list is only trivially split so that the command line is less than
about 3k in size.
+SECURITY WARNING: Because this module uses os.popen(), it goes through the
+shell. This module does not scan the arguments for potential exploits and so
+it should be considered unsafe for production use. For performance reasons,
+it's not recommended either -- use the SMTPDirect delivery module instead.
+
"""
import string
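Review bot: The added warning names os.popen() and the shell but does not say which data ends up on the command line, and nothing outside the docstring alerts an administrator who has already selected this handler. The surrounding docstring says the recipient list is split to keep the command line under about 3k, so the untrusted input is presumably the recipient addresses; I would state that explicitly, e.g. `Recipient addresses are placed on the shell command line without quoting or validation.` Since a docstring is only seen by someone reading the source, a log entry when the module is used, or invoking sendmail with an argument list rather than through the shell, would better protect existing deployments. The delivery code is outside this hunk, so the actual quoting behaviour should be confirmed there before wording the sentence.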