Also another thing is that there should be some way to "quote" a local part
so its detainted, WITHOUT having to know beforehand which local parts is
valid.
One example is this:
sms_transmit:
driver = accept
domains = +local_domains
local_parts = ^\\d\\d+\$
transport = sms_transport
no_more
sms_transport:
debug_print = "T: Sending SMS to $local_part"
driver = pipe
command = /usr/sbin/smsbot $local_part
return_output = true
user = asterisk
this calls a script, that are run as the "asterisk" user, which initiates a
SMS sending via Asterisk SIP Server.
And here the prequistes are pretty clear - ONLY local parts, which only
contain digits, that contain 2 or more digits are valid.
Theres no way an attacker can use this to "break free" and inject commands
into the smsbot delivery agent.
-----Ursprungligt meddelande-----
Från: Alexander Hoff via Exim-users <exim-users@???>
Skickat: den 18 juli 2020 14:18
Till: Exim-users <Exim-users@???>
Ämne: Re: [exim] Exim 4.94 Taint issues
On 2020-07-18 05:22, Andreas Metzler wrote:
> On 2020-07-18 The Doctor via freebsd-ports <freebsd-ports@???> wrote:
> > Trying Exim 4.94 and I am getting
>
>
> > 2020-07-17 19:28:04.818 [8344] 1jwbdQ-00023D-Cx == doctor@???
R=localuser T=local_delivery defer (-1) DT=0.001s: Tainted
'/var/mail/doctor' (file or directory name for local_delivery transport) not
permitted
>
> Exim specification, concept index, de-tainting.
>
This answer has been posted several times here and it's not so useful IMHO.
I think you're referring to this information:
https://www.exim.org/exim-html-current/doc/html/spec_html/ch-string_expansio
ns.html
Please put yourself in the position of the administrator. He may have been
using exim with his configuration for years - in my case it was over four
years - and suddenly the configuration is broken in several ways. Just
because of a minor version update.
Now you can find information like
https://git.exim.org/exim.git/blob/HEAD:/src/README.UPDATING and this is
incomplete. The change doesn't only break transports, routers are also
affected. This tainted thing affects many parts of the configuration and to
my option there is only a very rough explanation of the concept of
de-tainting.
Most administrators would just need a few (!) practical examples of how
de-tainting works, i.e. a before / after version of the configuration. I
would write it if I could, but I don't have the knowledge.
I've posted three examples here that work with exim < 4.94, but not with
exim >= 4.94 anymore. Unfortunately there were problems with the copy &
paste, so the configuration was broken. Here is a corrected version:
Routers
========
local_delivery:
driver = appendfile
directory = /home/${local_part}/.maildir
virtual_aliases:
driver = redirect
domains = lsearch; /etc/exim/virtual_domains
data = ${lookup{$local_part}lsearch{/etc/exim/$domain/aliases}}
no_more
Transport
=========
procmail:
driver = pipe
command = "/usr/bin/procmail -d $local_part"
return_path_add
delivery_date_add
envelope_to_add
user = $local_part
initgroups
return_output
Or take this example:
https://lists.exim.org/lurker/message/20200626.075008.113d07ad.en.html
I strongly believe it would be very helpful, if the developers would rewrite
some of these configurations and publish it in the documentation.
I think a lot of people are currently faced to problems because of this
change and I guess a lot of them just downgraded exim (for example:
https://forum.vestacp.com/viewtopic.php?f=12&t=19994) because this is
nothing you can repair in a hour or so.
--
## List details at
https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/