Re: [exim] dynamically loaded lookups - was Re: Exim 4.74 im…

Góra strony
Delete this message
Reply to this message
Autor: Dr Andrew C Aitchison
Data:  
Dla: Exim Users
CC: Dr Andrew C Aitchison
Temat: Re: [exim] dynamically loaded lookups - was Re: Exim 4.74 imminent, security fix
On Wed, 26 Jan 2011, Phil Pennock wrote:

> On 2011-01-26 at 10:14 +0000, Dr Andrew C Aitchison wrote:
>>
>> The diff from 4.73 is big enough that it isn't trivially obvious
>> that the are sanity checks to stop a (local) hacker from substituting
>> non-standard libraries. Can you confirm this ?
>
> Yes.
>
> All dynamically loadable lookups must be stored in a directory whose
> name is specified at compile-time. Lookup names can not be specified,
> so there are no directory traversal attacks; instead, that directory is
> scanned, on every Exim invocation, and Exim attempts to load files
> therein. [Exim re-invokes itself for every delivery attempt, so that's
> quite often.]


Thanks for the reassurance and saving me from sending tghe time reading
the code.

-- 
Dr. Andrew C. Aitchison        Computer Officer, DPMMS, Cambridge
A.C.Aitchison@???    http://www.dpmms.cam.ac.uk/~werdna