Re: [exim] "allow_insecure_tainted_data = yes" - was: tainte…

Top Page
Delete this message
Reply to this message
Author: Heiko Schlittermann
Date:  
To: exim-users
CC: Andreas Metzler
Subject: Re: [exim] "allow_insecure_tainted_data = yes" - was: tainted data issues
Hi Andreas,

which commit ID your build is based on? I'd like to reproduce it
locally.

Andreas Metzler via Exim-users <exim-users@???> (So 11 Apr 2021 08:51:48 CEST):
> On 2021-04-06 Heiko Schlittermann via Exim-users <exim-users@???> wrote:
> [...]
> >         .ifdef _OPT_MAIN_ALLOW_INSECURE_TAINTED_DATA
> >         allow_insecure_tainted_data = yes
> >         .endif

>
> Hello,
>
> I just did a test build on the fixes branch, added the
> allow_insecure_tainted_data setting and changed the mail_spool
> transport:
> - file = /var/mail/$local_part_data
> + file = /var/mail/$local_part
>
> Success was limited though. Without the patch the message delivery is
> deferred. With the patch the message is frozen for
> "allow_insecure_tainted_data = yes" (log file excerpt below).
>
> ==> /var/log/exim4/mainlog <==
> 2021-04-11 08:26:08 1lVTXs-000F7W-0D <= ametzler@??? H=localhost (argenau.bebt.de) [::1] P=esmtp S=476 id=20210411082607.058125@???
> 2021-04-11 08:26:08 1lVTXs-000F7W-0D failed to read delivery status for ametzler@localhost from delivery subprocess
>
> Debug log:


> 08:26:08 58130             ╰──(tainted)
> 08:26:08 58130 LOG: MAIN
> 08:26:08 58130   Warning: Tainted '/var/mail/ametzler' (file or directory name for mail_spool transport) not permitted
> 2021-04-11 08:26:08 1lVTXs-000F7W-0D Warning: Tainted '/var/mail/ametzler' (file or directory name for mail_spool transport) not permitted


> 08:26:08 58130 lock name: /var/mail/ametzler.lock
> 08:26:08 58130 hitch name: /var/mail/ametzler.lock.argenau.bebt.de.60729680.0000e312
> 08:26:08 58130 LOG: MAIN
> 08:26:08 58130 Warning: Tainted filename '/var/mail/ametzler.lock.argenau.bebt.de.60729680.0000e312'


> 08:26:08 58128 LOG: MAIN PANIC
> 08:26:08 58128 failed to read delivery status for ametzler@localhost from delivery subprocess


Is there any indication that the child (delivery process) crashed?

> BTW the build-log with patch is very noisy:
> -------------------
> cc -c -g -O2 -ffile-prefix-map=/dev/shm/EXIM4/exim-4.94=. -fstack-protector-strong -Wformat -Werror=format-security -D_LARGEFILE_SOURCE -fno-strict-aliasing -Wall -Wdate-time -D_FORTIFY_SOURCE=2 -fvisibility=hidden -DCOMPILE_UTILITY -o util-spool_in.o spool_in.c
> In file included from exim.h:486,


I'll check that noise. Thx.

--
Heiko