[exim] Tainted filename for search

Author: Laura Williamson
Date:
To: exim-users
Subject: [exim] Tainted filename for search

Hi folks

I have an issue that only appears when using 4.94. I use this to lookup
dkim information for signing outgoing emails

dkim_selector = ${lookup sqlite {/usr/exim/dkimcertificates select
selector from dkimcerts where domain='$sender_address_domain'}{$value}}
dkim_private_key = ${lookup sqlite {/usr/exim/dkimcertificates select
cert from dkimcerts where domain='$sender_address_domain'}{$value}}

I get this message in my log

Tainted filename for search: '/usr/exim/dkimcertificates'

Does anybody have any idea how to fix this? Works in 4.93.

Rgds

This message is part of the following thread:
	the complete thread tree sorted by date

	Jeremy Harris at