Re: [exim] Transport command lookup, splitting argv[0] after…

Top Page
Delete this message
Reply to this message
Author: Dave Evans
Date:  
To: exim-users
Subject: Re: [exim] Transport command lookup, splitting argv[0] afterexpansion
On Wed, Sep 30, 2009 at 11:32:06AM +0200, Guillaume Blairon wrote:
> test_delivery:
> driver = pipe
> command = ${lookup{test}dbmnz{/tmp/test.db}}
>
> As you can see, argv[0] contains "/bin/echo test". I'm not a programming
> expert but according to execve(2), that's bad.
>
> Is this a normal behaviour ? If so, how can I ensure that exim will
> correctly split the command and its args before calling execve() ?


The 4.68 spec says: "The command is split up into separate arguments by Exim,
and each argument is separately expanded, as described in section 29.3". i.e.
the split into argv[0] + arguments happens /before/ expansion, not afterwards.
So yes, this behaviour is as per spec, and therefore normal.

Maybe you'd prefer:
command = sh -c ${lookup{test}dbmnz{/tmp/test.db}}
which is three arguments: "sh", "-c", and then the result of the expansion.

Insert usual security lecture here, which may or may not be appropriate
depending on your application.

Regards,

--
Dave Evans
http://djce.org.uk/
http://djce.org.uk/pgpkey