Re: [Exim] create_file = belowhome: unexpected behaviour

Góra strony
Delete this message
Reply to this message
Autor: Harald Meland
Data:  
Dla: Philip Hazel
CC: Ray Miller, exim-users
Temat: Re: [Exim] create_file = belowhome: unexpected behaviour
[Philip Hazel]

> Only a little while ago, On Fri, 1 Oct 1999, I wrote:
>
> > On Fri, 1 Oct 1999, Ray Miller wrote:
> >
> > > But if I specify "save /home/ray/../../tmp/foo" in the filter,
> >
> > Oh dear. I really don't have a devious enough mind! I will add a check
> > to the code to forbid .. components when that check is set. Thanks for
> > pointing out the problem.
>
> Here's a patch for Exim 3.03 that fixes this problem.


As far as I can see, a simple symlink ~/root -> / will still allow
users creating files anywhere they like (if they have write access).

To fix this, one would have to grind the destination through
realpath(3) (on systems that have such a thing) and compare the
resulting fully resolved destination with whatever restrictions there
are.
--
Harald