Re: [exim-dev] [PATCH 5/6] Add TRUSTED_CONFIG_PREFIX_FILE op…

Startseite
Nachricht löschen
Nachricht beantworten
Autor: David Woodhouse
Datum:  
To: exim-dev
Betreff: Re: [exim-dev] [PATCH 5/6] Add TRUSTED_CONFIG_PREFIX_FILE option
Slight update to this. I still haven't tested it fully, but it looks
reasonable in the cold light of day.

We need to allow only absolute paths in the trusted list, and we
*definitely* don't want to allow empty lines, which would match
anything. I'd like to complain if there's anything inappropriate in the
list, but it's too early to know if we're able to log yet.

Add the store_reset() that I forgot last night, too.

diff --git a/src/src/exim.c b/src/src/exim.c
index 9db61e2..6b82013 100644
--- a/src/src/exim.c
+++ b/src/src/exim.c
@@ -1888,7 +1888,7 @@ for (i = 1; i < argc; i++)
                 uschar *start = big_buffer, *nl;
                 while (*start && isspace(*start))
                 start++;
-                if (*start == '#')
+                if (*start != '/')
                   continue;
                 nl = Ustrchr(start, '\n');
                 if (nl)
@@ -1920,6 +1920,7 @@ for (i = 1; i < argc; i++)
                     break;
                     }
                   }
+                store_reset(reset_point);
                 }
               else
                 {
-- 
1.7.3.2




--
dwmw2