Newsgroups: php.internals
Xref: news.php.net php.internals:97600
Date: Sun, 8 Jan 2017 23:31:04 +0100
Subject: Re: [PHP-DEV] Re: Improving mail() 5th parameter handling
From: nikita.ppv@gmail.com (Nikita Popov)
To: Yasuo Ohgaki
Cc: "internals@lists.php.net"

On Sun, Jan 8, 2017 at 11:19 PM, Yasuo Ohgaki wrote:

> Hi all,
>
> On Sun, Jan 8, 2017 at 6:57 AM, Yasuo Ohgaki wrote:
>
> > All of us knew details of PHPMailer and Swift Mailer issues with mail()'s
> > 5th (additional_parameters) parameter by now, I suppose. Current behavior
> > (applying php_escape_shell_cmd to additional_parameters) is not nice and
> > a similar issue may arise with additional_parameters in the future.
> >
> > The issue could be mitigated by allowing array additional_parameter. It's
> > basically the same as 4th (additional_header) parameter change which is
> > committed by me.
> >
> > - Allow array additional_parameter and soft deprecate (document
> >   deprecation) string one.
> > - Use key as "option name" and validate chars
> > - Use value as "option value" and validate some control chars then apply
> >   escapeshellarg()
> >
> > Since we cannot assume which shell to be used with sendmail command/how
> > sendmail command is invoked, this is not a complete solution. (This includes
> > php.ini option setting, i.e. sendmail_path and mail.force_extra_parameters)
> > This is a mitigation, but it seems we are better to have this to protect
> > PHP systems.
> >
> > Any comment for this change?
> > Or better, is anyone working on this?
> >
> > Removing 5th option may be a good idea also. The most severe BC impact would
> > be SMTP authentication. If users need SMTP authentication (or any other
> > options) with sendmail command, mail.force_extra_parameters/sendmail_path
> > ini setting may be used.
> >
> > We cannot remove parameter suddenly. We may document deprecation now,
> > raise warning with 7.2, remove it by 7.3 or 8.0.
> >
> > Are there comments for removing 5th option?
> >
>
> If there isn't any preference, I would like to write an RFC for removing
> 'additional_parameters' option from mail()/mb_send_mail(). Command
> injections are still possible with INI settings. Users will notice risks by
> additional comments in php.ini-{production,development} and the manual when
> we remove 'additional_parameters' option, hopefully.
>
> If anyone would like to keep mail()'s 'additional_parameters' (5th) option,
> please let me know now.
>

Without this option, how do you specify the envelope sender? That seems to
be the primary use-case.

Nikita
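
A userland sketch of the array form proposed in the quoted message (validated option name, control-character check on the value, then escapeshellarg()), applied to the envelope-sender case raised in the reply. This is an added example, not php-src code or anything posted to the list; `build_mail_params()`, its option-name pattern and the sample address are assumptions made for illustration.

```php
<?php
// Added example: hypothetical helper, not part of PHP or of the proposal's patch.
// Turns ['-f' => 'addr', '-oi' => null] into a single argument string.
function build_mail_params(array $options): string
{
    $parts = [];
    foreach ($options as $name => $value) {
        // Key is the option name: one dash, then letters/digits only.
        // \A and \z anchor the whole string, so a trailing newline fails too.
        if (!is_string($name) || !preg_match('/\A-[A-Za-z][A-Za-z0-9]*\z/', $name)) {
            throw new InvalidArgumentException('Invalid option name');
        }
        if ($value === null) {
            $parts[] = $name;               // flag that takes no value
            continue;
        }
        // Value: refuse control characters (NUL, CR, LF, TAB, DEL, ...)
        // before quoting, as the proposal describes.
        if (!is_string($value) || $value === ''
            || preg_match('/[\x00-\x1F\x7F]/', $value)) {
            throw new InvalidArgumentException("Invalid value for option $name");
        }
        $parts[] = $name . ' ' . escapeshellarg($value);
    }
    return implode(' ', $parts);
}

// Envelope sender: validate the address itself first, then build the option.
$sender = 'bounce@example.org';             // constructed sample value
if (filter_var($sender, FILTER_VALIDATE_EMAIL) === false) {
    throw new InvalidArgumentException('Invalid envelope sender');
}
echo build_mail_params(['-f' => $sender, '-oi' => null]), PHP_EOL;

// Inputs the helper refuses: a value carrying a line break, and an
// option name that is not a single well-formed option.
$rejected = [
    ['-f' => "bounce@example.org\nextra"],
    ['-f extra' => 'bounce@example.org'],
];
foreach ($rejected as $options) {
    try {
        build_mail_params($options);
        echo 'accepted (unexpected)', PHP_EOL;
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', $e->getMessage(), PHP_EOL;
    }
}
```

As the quoted message says, quoting of this kind is a mitigation only: the result still depends on how the sendmail command is invoked, and options set through sendmail_path or mail.force_extra_parameters do not pass through it.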