Re: [exim] tainted data issues

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Heiko Schlittermann
Date:  
À: exim-users
Sujet: Re: [exim] tainted data issues
Hi,

I welcome the suggestions, especially the idea about gradually enabling
taintchecks, to allow a smooth transition, as suggested by Mike Tubby.

taint_mode = yes | no | warn

Another idea from my side (it's similar to Sebastian N's idea)

>   begin transports
>     smtp:
>       driver = smtp
>       dkim_domain = $sender_address_domain
>       dkim_selector = 2020-08-25
>       dkim_private_key = /etc/exim/dkim/$dkim_selector.$dkim_domain.pem


We could provide taint checks for different situations, as the risk of
using tainted data depends on the usage of the data (filename, log
message, lookup key, …)

Provide a new set of functions:

        ${XXX{<string1>}{<string2>}{<string3>}}
        ${XXX{<string1>}{<string2>}fail}
        ${XXX{<string1>}{<string2>}}


With XXX as
        - file  (no "/")
        - path  (no "..")
        - line  (no "\r", "\n")
        ...


        dkim_private_key = /etc/exim/dkim/${file{$dkim_selector.$dkim_domain.pem}}
        or
        dkim_private_key = ${path{/etc/exim/dkim/$dkim_selector.$dkim_domain.pem}}


This can give us flexibility where the current lookup based way of
untainting doesn't work.


    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
--
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -