On Thu, Jan 16, 2020 at 11:05:47AM +0000, Jeremy Harris via Exim-users wrote: > On 16/01/2020 10:30, Evgeniy Berdnikov via Exim-users wrote:
> > Maybe some variation of this approach have chances to survive, say,
> > special pools with "untainted" strings and special functions to put
> > a string to such pool after all checks (other strings should be
> > considered as "tainted").
>
> Oddly enough, that is exactly what is implemented for the "slow"
> version of taint-tracking.
Well, ater recompilation with -DTAINT_CHECK_SLOW (as Andreas Metzler
suggested) my test copy of Exim runs 2 days inside Linux LXC container
without problems. I belive this is a right way. Thank you.
--
Eugene Berdnikov