[Exim] create_file = belowhome: unexpected behaviour

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M 
M\Philip Hazel at ->
Delete this message
Reply to this message
Author: Ray Miller
Date:  
To: exim-users
Subject: [Exim] create_file = belowhome: unexpected behaviour
I have encountered some undesirable behaviour whereby users are able
to create files outside of their home directory despite having
specified "create_file = belowhome" in the transport.

The transport configuration is:

address_file:
driver = appendfile
create_file = belowhome
mbx_format
prefix =
delivery_date_add
envelope_to_add
return_path_add

and the director:

userforward:
driver = forwardfile
file = .forward
no_verify
no_expn
check_ancestor
filter
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply

Now, when I specify "save /tmp/foo" in the filter file, delivery fails
with the expected error:

1999-10-01 11:11:54 11WzfO-0004zc-00 == /tmp/foo <ray@XXXX>
T=address_file defer (2): No such file or directory: mailbox /tmp/foo
does not exist, but creation outside the home directory is not
permitted
1999-10-01 11:11:54 11WzfO-0004zc-00 Frozen

But if I specify "save /home/ray/../../tmp/foo" in the filter,
delivery succeeds:

1999-10-01 11:14:50 11WzfO-0004zc-00 => /home/ray/../../tmp/foo
<ray@XXXX> D=userforward T=address_file
1999-10-01 11:14:50 11WzfO-0004zc-00 Completed

Has anyone else encountered this and come up with a work-around?

Ray.
--
Ray Miller <Ray.Miller@???>
Unix Systems Programmer
Oxford University Computing Services



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[Exim] Out of swap space?[Exim] Exim & mailman - duplicates problem.->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)