Re: [exim] de-tainting

Página superior
Eliminar este mensaje
Responder a este mensaje
Autor: Kurt Jaeger
Fecha:  
A: exim-users
Asunto: Re: [exim] de-tainting
Hi!

> That fact that string sub-sitution and matching parts don't even work
> now is a real problem...
>
> data = ${expand:"|/command -c ${if match
> {$local_part}{.*foo[\-\+]([a-z0-9]+).*}{$1}{}}"}


One thing I'll test is if we hand values over to perl, maybe
we'll get back untainted value...

Or did me beat someone to that already ? 8-}

-- 
pi@???            +49 171 3101372                    Now what ?