Re: [exim-dev] [PATCH 5/6] Add TRUSTED_CONFIG_PREFIX_FILE op…

Inizio della pagina
Delete this message
Reply to this message
Autore: David Woodhouse
Data:  
To: exim-dev
Oggetto: Re: [exim-dev] [PATCH 5/6] Add TRUSTED_CONFIG_PREFIX_FILE option
Slight update to this. I still haven't tested it fully, but it looks
reasonable in the cold light of day.

We need to allow only absolute paths in the trusted list, and we
*definitely* don't want to allow empty lines, which would match
anything. I'd like to complain if there's anything inappropriate in the
list, but it's too early to know if we're able to log yet.

Add the store_reset() that I forgot last night, too.

diff --git a/src/src/exim.c b/src/src/exim.c
index 9db61e2..6b82013 100644
--- a/src/src/exim.c
+++ b/src/src/exim.c
@@ -1888,7 +1888,7 @@ for (i = 1; i < argc; i++)
                 uschar *start = big_buffer, *nl;
                 while (*start && isspace(*start))
                 start++;
-                if (*start == '#')
+                if (*start != '/')
                   continue;
                 nl = Ustrchr(start, '\n');
                 if (nl)
@@ -1920,6 +1920,7 @@ for (i = 1; i < argc; i++)
                     break;
                     }
                   }
+                store_reset(reset_point);
                 }
               else
                 {
-- 
1.7.3.2




--
dwmw2