Re: [exim] router yields tainted data

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: Niels Kobschätzki
Ημερομηνία:  
Προς: exim-users
Αντικείμενο: Re: [exim] router yields tainted data
Hi,

I found the problem. The server accessed the wrong configuration file because of a missing symlink.

Best

Niels

> On 28. Apr 2021, at 02:07, Niels Kobschätzki <niels@???> wrote:
>
> Hi,
>
> I have here a router which yields tainted data and I don‘t understand why - especially since it works on some machines and not on others:
>
> Log-output:
>
> exim -v -bt test@???
>
> LOG: MAIN PANIC
> Tainted filename '/usr/local/etc/exim/redirects/domain.com'
> test@??? cannot be resolved at this time: dynamic_reroute router: failed to expand "${readfile{/usr/local/etc/exim/redirects/$domain}{}}": failed to open /usr/local/etc/exim/redirects/domain.com: Permission denied (euid=0 egid=9025)
>
> dynamic_reroute:
>    driver = manualroute
>    transport = remote_smtp
>    domains = dsearch,ret=key;/usr/local/etc/exim/redirects
>    route_list = * ${readfile{/usr/local/etc/exim/redirects/$domain_data}{}}

>
> in the directory /use/local/etc/exit/redirects are files that look like „domain.com“ and contain just an ip-address.
>
> Why is the data tainted? I use a dsearch with a return-value and $domain_data for the route_list. So it should be de-tainted, shouldn‘t it?
>
> Best,
>
> Niels