On Thu, Jul 25, 2019 at 10:04:19AM +0100, Jeremy Harris via Exim-users wrote:
> If the effective configuration file for exim does not use sort
> then the system is trivially declarable as not being vulnerable.
> Use this command to check: "exim -bP config | grep sort".
The grep expression seems to be a bit over-zealous - it'll pick up
on, e.g., "remote_sort_domains" rather than just the sort expansion
operator. Or is "remote_sort_domains" also implicated?
If it's just the ${sort operator you're after, I think you want the
grep to be:
grep '\${[[:space:]]*sort'
?
--
Russell King
