Re: [exim] 4.94 - De-tainting without lookup?

Top Page
Delete this message
Reply to this message
Author: Sebastian Nielsen
Date:  
To: Michael Haardt, exim-users
Subject: Re: [exim] 4.94 - De-tainting without lookup?
Its better to have it always return, but with any "dangerous" characters stripped instead.
-------- Originalmeddelande --------Från: Michael Haardt via Exim-users <exim-users@???> Datum: 2020-06-29 09:17 (GMT+01:00) Till: exim-users@??? Ämne: Re: [exim] 4.94 - De-tainting without lookup? Matthias Hörmann via Exim-users <exim-users@???> wrote:> This essentially gets me back to where I started. I *want* any domains> and local parts to be created as part of this process. I can live with> the case where it won't create paths with dangerous characters (that> never happened on dozens of servers in years of using this config,> possibly because we filter addresses for valid characters in our ACLs)> but I can not live with having to know any possible domain and local> part in advance.That is a valid use case.  I believe we need an alternative way toverify tainted strings.  The solution Jeremy gave was right in spirit,but lookups shouldn't be the only way to verify strings.  It would bepossible to encode additional verification methods in lookups, though.Partially dsearch does that by not allowing "." and ".." as keys.A lookup either returns data or fails, and that's exactly the interfaceverification needs.For file systems, a function/lookup that verifies a part is a pathcomponent (no slash inside), not . or .., and of a certain maximum length,would be helpful.  Perhaps it needs a base directory to use pathconf()?Michael-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users## Exim details at http://www.exim.org/## Please use the Wiki with this list - http://wiki.exim.org/