2020-11-10 Greg Minshall wrote:
i would guess using 'cat -v' to read e-mail is 100% safe. even throwing in uudecode(1), or whatever is needed to decode base64, (and then piping through 'cat -v', of course ), it's probably still safe.
Please, check that you have at least updated tmux before applying such "safe" handler: https://www.openwall.com/lists/oss-security/2020/11/05/3 The news are too recent to not mention the link in such context.
The sour story is that it is unsafe to feed non-trusted files directly to terminal. A filter against control sequences is required.
