Re: [exim] Exim 4.94 Taint issues

Author: Dave Restall - System Administrator
Date:  
To: exim-users
CC: doctor
Subject: Re: [exim] Exim 4.94 Taint issues
Hi,

This time with a better formed subject line :-(

On Sat, 18 Jul 2020 14:12:52 +0100 The Doctor did write :

Snip...

> > On 2020-07-18 The Doctor via freebsd-ports <freebsd-ports@???> wrote:
> >
> > > Trying Exim 4.94 and I am getting
> > >
> > > 2020-07-17 19:28:04.818 [8344] 1jwbdQ-00023D-Cx == doctor@??? R=localuser T=local_delivery defer (-1) DT=0.001s: Tainted '/var/mail/doctor' (file or directory name for local_delivery transport) not permitted
> > ...
> > > 2020-07-17 19:30:09.228 [9608] 1jwbdQ-00023D-Cx == doctor@??? R=localuser T=local_delivery defer (-1) DT=0.001s: Tainted '/var/mail/doctor' (file or directory name for local_delivery transport) not permitted
> > >
> > > Why is this happening?
> >
> >
> Is this the fact that the mail directory is set to chmod 1777?


Unlikely :-) 1777 is fairly common :-) and I bet it was working fine
before upgrading to 4.94. Without looking at your configuration, I'd take
a guess that in your transports section, there will be a local_delivery
transport and it will include a line something like :-

file = /var/mail/$local_part

You will need to somehow de-taint $local_part. I'm not too sure of the
best way to do that, I haven't looked too hard at the problem - I saw the
alarms on the list about 4.94 so put back my upgrade until I could devote
the time required to sort it out. I know it's going to be painful for
me because I am doing a lot of things that are broken by de-tainting.
I'm sure somebody will give you a couple of answers, YMMV of course :-)

De-tainting breaks a lot of things and probably merits a step point
release in exim, e.g. going to 4.1.0 rather than incrementing on the
current trunk.

Regards,




D
+----------------------------------------------------------------------------+

| Dave Restall, Computer Anorak, Geek, Cyclist, Radio Amateur G4FCU, Bodger  |
| Mob +44 (0) 7973 831245      Skype: dave.restall             Radio: G4FCU  |
| email : dave@???  - Anti-SocialMediaist -  Web : Not Ready Yet :-( |

+- QOTD ---------------------------------------------------------------------+
| No stopping or standing.                                                   |

+----------------------------------------------------------------------------+
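
Before changing a configuration, it helps to know which routers and transports are actually hitting the taint check. The following is an added example, not part of the original message or of Exim: Python that scans main-log text for rejections in the form quoted in the thread and groups them by router, transport and the option that was checked. The function name and the third sample line are constructed for illustration, and other wordings of taint errors are not matched.

```python
import re
from collections import defaultdict

# Sample input: the two log lines quoted in the thread (addresses appear
# redacted as "doctor@???" in the archive) plus one CONSTRUCTED successful
# delivery line, included to show that non-taint lines are ignored.
SAMPLE_LOG = """\
2020-07-17 19:28:04.818 [8344] 1jwbdQ-00023D-Cx == doctor@??? R=localuser T=local_delivery defer (-1) DT=0.001s: Tainted '/var/mail/doctor' (file or directory name for local_delivery transport) not permitted
2020-07-17 19:30:09.228 [9608] 1jwbdQ-00023D-Cx == doctor@??? R=localuser T=local_delivery defer (-1) DT=0.001s: Tainted '/var/mail/doctor' (file or directory name for local_delivery transport) not permitted
2020-07-17 19:31:00.000 [9700] 1jwbeA-00024Z-Ab => doctor@??? R=localuser T=local_delivery
"""

# Matches only the message form shown in the thread:
#   Tainted '<value>' (<what was being expanded>) not permitted
# on a deferred (==) or failed (**) delivery line.
TAINT_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}(?:\.\d+)?) "
    r"(?:\[(?P<pid>\d+)\] )?"
    r"(?P<msgid>\S+) (?:==|\*\*) (?P<addr>\S+) "
    r".*?Tainted '(?P<value>[^']*)' \((?P<what>[^)]*)\) not permitted"
)
# R=<router> and T=<transport>; the leading space keeps "DT=" from matching.
FIELD_RE = re.compile(r" (R|T)=(\S+)")


def summarize_taint_errors(log_text):
    """Group taint rejections by (router, transport, option description)."""
    groups = defaultdict(lambda: {"count": 0, "values": set(), "msgids": set()})
    for line in log_text.splitlines():
        m = TAINT_RE.match(line)
        if not m:
            continue
        # Only look for R=/T= before the quoted tainted value.
        fields = dict(FIELD_RE.findall(line[:m.start("value")]))
        key = (fields.get("R", "-"), fields.get("T", "-"), m["what"])
        groups[key]["count"] += 1
        groups[key]["values"].add(m["value"])
        groups[key]["msgids"].add(m["msgid"])
    return dict(groups)


if __name__ == "__main__":
    for (router, transport, what), g in summarize_taint_errors(SAMPLE_LOG).items():
        print(f"R={router} T={transport}: {g['count']} rejection(s) across "
              f"{len(g['msgids'])} message(s); {what}: {sorted(g['values'])}")
```

Each group in the result names one router/transport pair and the option whose expansion was rejected, which is the setting to review in the configuration.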