Auteur: Phil Pennock Date: À: Guillaume Blairon CC: exim-users Sujet: Re: [exim] Transport command lookup,
splitting argv[0] after expansion
On 2009-09-30 at 11:32 +0200, Guillaume Blairon wrote: > 1 - Create a dbm with a key containing a command with 1 or more args :
> --
> $ perl -e 'dbmopen(my %db, "/tmp/test.db", 0666); $db{test} = "/bin/echo test"; dbmclose(%db);'
>
>
> 2 - Configure a simple transport looking up this command :
> --
> test_delivery:
> driver = pipe
> command = ${lookup{test}dbmnz{/tmp/test.db}} > lookup yielded: /bin/echo test
> direct command after expansion:
> argv[0] = /bin/echo test > As you can see, argv[0] contains "/bin/echo test". I'm not a programming
> expert but according to execve(2), that's bad.
>
> Is this a normal behaviour ? If so, how can I ensure that exim will
> correctly split the command and its args before calling execve() ?
You can read the documentation on the pipe transport to see what options
are available to tune its behaviour and what suggestions are made.
Eg, "29.3 How the command is run" will show you how to use { /bin/sh -c }
to work around this.
Or you might play with the "use_shell" option, to see how that affects
the behaviour.
The default behaviour assumes that the command is well known ahead of
time and that data can be arbitrary and untrusted, so shouldn't be split
on whitespace. By default, a shell is not used to invoke the command,
but you can manually choose to use a shell.