Re: [Exim] transport_filter insecure?

Top Page
Delete this message
Reply to this message
Author: Kirill Miazine
Date:  
To: exim-users
Subject: Re: [Exim] transport_filter insecure?
* Martin Buck [2003-10-05 21:03]:
> I just noticed that transport_filters have a (at least to me) rather
> surprising feature: They are run using the environment inherited from the
> exim process which in turn might be inherited from an arbitrary user. The
> problem is that they might be run with the uid of another user. Depending
> on what a specific filter does (e.g. whether it uses $PATH or not), this is
> a security hole.


If so, this is a security hole in the filter program.

> Even if this wouldn't be a security hole, it should be changed nevertheless
> since I can't imagine a case where the current behaviour would be useful. I
> noticed this bug originally when my transport_filter tried to run
> bogofilter with HOME=/root...


This is not a "bug".

--
Best wishes,
Kirill Miazine