Re: [exim] Tainting & rewrite rules

Góra strony
Delete this message
Reply to this message
Autor: Evgeniy Berdnikov
Data:  
Dla: exim-users
CC: Andreas Metzler
Temat: Re: [exim] Tainting & rewrite rules
Hello.

On Tue, Jan 14, 2020 at 08:09:41AM +0100, Andreas Metzler via Exim-users wrote:
> On 2020-01-13 Jeremy Harris via Exim-users <exim-users@???> wrote:
> > On 13/01/2020 14:02, Evgeniy Berdnikov via Exim-users wrote:
> > > debian package exim4-daemon-heavy_4.93-5_i386.
>
> > ooh - 32-bit? I wonder if the address-space layout is
> > different enough to invalidate the assumptions made by
> > the Linux makefiles, for taint-checks...
> [...]
>
> Hello,
>
> Evgeni, would you be able to doublecheck Jeremy's guess by trying an exim
> binary built with TAINT_CHECK_SLOW?
>
> Afaiui adding -DTAINT_CHECK_SLOW to CFLAGS (debian/rules line 29) should
> do the trick.


Andreas, I've rebuild exim4-93 with gcc-9.2.1 and -DTAINT_CHECK_SLOW
as you suggested (gcc-9.2.1) and it works fine. :) Manual checks reveal
no problems, and 2-hour run inside the same LXC container is successful.

I'll watch for the logs for some time and send a message to this list
if something fails. Thank you!
--
Eugene Berdnikov