Re: [exim] Exim 4.84_2 #1 : WARNING: purging the environment…

Góra strony
Delete this message
Reply to this message
Autor: Always Learning
Data:  
Dla: Exim
Temat: Re: [exim] Exim 4.84_2 #1 : WARNING: purging the environment.

Hi Denis,


> I suspect the exploit goes something like this:
>
> exim calls perl routine(s) which calls external programs. Malicious
> user manipulates the search path etc so malicious user's external
> program(s) are called instead of the system versions. This is all
> done as a privileged user, so malicious user now has a shell running
> as that privileged user. Your system will shortly become toast...


There is no mention of perl_startup in any Exim configuration file.

${perl{...... is never used.

The danger appears to be from within Perl, as shown in Chapter 12.

    my $lp = Exim::expand_string('$local_part');


It would be nice if Exim refused sub-routine calls as shown in the above
example. Perhaps a new configuration parameter

    perl_allow_subroutines = NO ?


Thus    
    keep_environment = 


promotes safety ?


Thank you.


--
Regards,

Paul.
England, EU.      England's place is in the European Union.