Re: [exim] router yields tainted data

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Niels Kobschätzki
Date:  
À: exim-users
Sujet: Re: [exim] router yields tainted data
Hi,

I found the problem. The server accessed the wrong configuration file because of a missing symlink.

Best

Niels

> On 28. Apr 2021, at 02:07, Niels Kobschätzki <niels@???> wrote:
>
> Hi,
>
> I have here a router which yields tainted data and I don‘t understand why - especially since it works on some machines and not on others:
>
> Log-output:
>
> exim -v -bt test@???
>
> LOG: MAIN PANIC
> Tainted filename '/usr/local/etc/exim/redirects/domain.com'
> test@??? cannot be resolved at this time: dynamic_reroute router: failed to expand "${readfile{/usr/local/etc/exim/redirects/$domain}{}}": failed to open /usr/local/etc/exim/redirects/domain.com: Permission denied (euid=0 egid=9025)
>
> dynamic_reroute:
>    driver = manualroute
>    transport = remote_smtp
>    domains = dsearch,ret=key;/usr/local/etc/exim/redirects
>    route_list = * ${readfile{/usr/local/etc/exim/redirects/$domain_data}{}}

>
> in the directory /use/local/etc/exit/redirects are files that look like „domain.com“ and contain just an ip-address.
>
> Why is the data tainted? I use a dsearch with a return-value and $domain_data for the route_list. So it should be de-tainted, shouldn‘t it?
>
> Best,
>
> Niels