Re: [exim] Another strange log about tainting

Página Principal
Apagar esta mensagem
Responder a esta mensagem
Autor: Ian Zimmerman
Data:  
Para: exim-users
Assunto: Re: [exim] Another strange log about tainting
On 2019-12-10 21:08, Jeremy Harris wrote:

> Doublecheck with:
> $ exim -bP config_file
> $ exim -bP config | grep version


I see now - I call expand_string programatically in my dlexpand
modules.

So, next question: is the result of expand_string _always_ tainted? And
is there a way to get the version _at run time_ in some other way?

I am aware EXIM_VERSION_STR and its kin, but that is compile time.

--
Please don't Cc: me privately on mailing lists and Usenet,
if you also post the followup to the list or newsgroup.
To reply privately _only_ on Usenet and on broken lists
which rewrite From, fetch the TXT record for no-use.mooo.com.