On Wed, 8 Jan 2020, Tobias Klausmann via Exim-users wrote:
> Hi!
>
> On Wed, 08 Jan 2020, Andrew C Aitchison via Exim-users wrote:
>> I see from your latest message that
>> /home/$local_part/... is tainted.
>> Would using $home - and check_local_user to set it - do what you need ?
>
> Indeed that seems to work. I change the earlier config thus:
>
> $ diff -Naur exim-old.conf exim.conf
> --- exim-old.conf 2020-01-08 10:02:17.450333630 +0100
> +++ exim.conf 2020-01-08 10:01:33.290288221 +0100
> @@ -103,18 +103,20 @@
> extension_user_verify:
> driver = accept
> local_part_suffix = -*
> - require_files = /home/$local_part/.mail-extensions
> + require_files = $home/.mail-extensions
> verify_only
> - condition = ${lookup{$local_part_suffix}lsearch{/home/$local_part/.mail-extensions}{yes}{no}}
> + check_local_user
> + condition = ${lookup{$local_part_suffix}lsearch{$home/.mail-extensions}{yes}{no}}
>
> extension_user_delivery_f:
> driver = redirect
> + check_local_user
> local_part_suffix = -*
> - require_files = /home/$local_part/.mail-extensions:/home/$local_part/.forward
> - condition = ${lookup{$local_part_suffix}lsearch{/home/$local_part/.mail-extensions}{yes}{no}}
> + require_files = $home/.mail-extensions:$home/.forward
> + condition = ${lookup{$local_part_suffix}lsearch{$home/.mail-extensions}{yes}{no}}
> user=$local_part
> check_ancestor
> - file = /home/$local_part/.forward
> + file = $home/.forward
> allow_filter
> allow_fail
> verify=false
> @@ -125,8 +127,9 @@
> extension_user_delivery:
> driver = accept
> local_part_suffix = -*
> - require_files = /home/$local_part/.mail-extensions
> - condition = ${lookup{$local_part_suffix}lsearch{/home/$local_part/.mail-extensions}{yes}{no}}
> + check_local_user
> + require_files = $home/.mail-extensions
> + condition = ${lookup{$local_part_suffix}lsearch{$home/.mail-extensions}{yes}{no}}
> user=$local_part
> verify=false
> transport = local_delivery
If you have check_local_user you shouldn't need user=$local_part as well.
> And this seems to work. I'll test it for a bit and report back.
>
> Is the use of $local_part in the transports seen as safe, or
> should I cange those to use $home as well?
On principle I would say change them too.
If $home and /home/$local_part are different directories which do you want ?
The one from the password file/database or the one derived from the
potential hacker's input ?
If /home fills up and you put a new user on a different
disk/partition/volume $home will still work, but /home/$local_part
would need attention ...
--
Andrew C. Aitchison Kendal, UK
andrew@???
