Re: [exim] "allow_insecure_tainted_data = yes" - was: tainte…

Pàgina inicial
Delete this message
Reply to this message
Autor: Heiko Schlittermann
Data:  
A: exim-users
CC: Andreas Metzler
Assumpte: Re: [exim] "allow_insecure_tainted_data = yes" - was: tainted data issues
Andreas Metzler via Exim-users <exim-users@???> (Sa 10 Apr 2021 17:37:56 CEST):
> On 2021-04-06 Heiko Schlittermann via Exim-users <exim-users@???> wrote:
> [...]
> >         .ifdef _OPT_MAIN_ALLOW_INSECURE_TAINTED_DATA
> >         allow_insecure_tainted_data = yes
> >         .endif
> [...]
> > But as soon as the work stabilizes, it will be merged into the upstream
> > source. (For now, please expect changes in the commit history!)
> [...]
> > Suggestions, question, remarks are welcome.

>
> Thank you Heiko!
>
> I plan to add this to the next Debian release but without "taintwarn:
> set allow_insecure_data = true for 4.94+fixes". - I think it will work
> out better if we have a big fat warning


It would be good if we find more testers.
Anybody out there?

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
--
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -