Re: [exim] Database lookup tainted

Página Inicial
Delete this message
Reply to this message
Autor: daniel
Data:  
Para: Jeremy Harris, exim-users
Assunto: Re: [exim] Database lookup tainted
The only thing I replaced is database name, database user and password.

so it is "127.0.0.1/mail/mailro/mysupersecretpassword"
(password obviously changed), it doesn't say anything else...

Pasting the full line here again:
message: failed to expand "${lookup pgsql {servers=127.0.0.1/xx/xx/xx; SELECT string_agg(DISTINCT userid,',') AS target FROM aliases WHERE address='${quote_pgsql:$local_part@$domain}';}}": lookup of "servers=127.0.0.1/xx/xx/xx; SELECT string_agg(DISTINCT userid,',') AS target FROM aliases WHERE address='xx@xxxx';" gave DEFER: PostgreSQL server "127.0.0.1/xx/xx/xx" is tainted


And pasting that line here again in base64 to ensure it is not mangled...:

bWVzc2FnZTogZmFpbGVkIHRvIGV4cGFuZCAiJHtsb29rdXAgcGdzcWwge3NlcnZlcnM9MTI3LjAu
MC4xL3h4L3h4L3h4OyBTRUxFQ1Qgc3RyaW5nX2FnZyhESVNUSU5DVCB1c2VyaWQsJywnKSBBUyB0
YXJnZXQgRlJPTSBhbGlhc2VzIFdIRVJFIGFkZHJlc3M9JyR7cXVvdGVfcGdzcWw6JGxvY2FsX3Bh
cnRAJGRvbWFpbn0nO319IjogbG9va3VwIG9mICJzZXJ2ZXJzPTEyNy4wLjAuMS94eC94eC94eDsg
U0VMRUNUIHN0cmluZ19hZ2coRElTVElOQ1QgdXNlcmlkLCcsJykgQVMgdGFyZ2V0IEZST00gYWxp
YXNlcyBXSEVSRSBhZGRyZXNzPSd4eEB4eHh4JzsiIGdhdmUgREVGRVI6IFBvc3RncmVTUUwgc2Vy
dmVyICIxMjcuMC4wLjEveHgveHgveHgiIGlzIHRhaW50ZWQK

2. Juni 2020 14:28, "Jeremy Harris via Exim-users" <exim-users@???> schrieb:

> On 02/06/2020 13:20, exim.org--- via Exim-users wrote:
>
>> 12:19:39.352 12159 message: failed to expand [...] DEFER: PostgreSQL server "127.0.0.1/xx/xx/xx" is
>> tainted
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> Unfortunately due to your obfuscation I cannot help further.
> --
> Cheers,
> Jeremy
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org
> ## Please use the Wiki with this list - http://wiki.exim.org