On Thu, 6 May 2021, admin--- via Exim-dev wrote:
> As per the documentation
> https://www.exim.org/exim-html-current/doc/html/spec_html/ch-content_scanning_at_acl_time.html#SECTscanmimepart
> the option 'decode = $mime_filename' can be used however within the MIME ACL.
> This now fails due to the filename being tainted.
... ...
> Using 'decode = default' solves the issue and the documentation also does
> mention "However, you should keep in mind that $mime_filename might contain
> anything.". So not sure how this should be dealt with. I can only see 2
> options:
>
> 1. Remove the ability to use decode = $mime_filename or
> 2. Remove the taint check on $mime_filename and warn the OP that this is
> dangerous (this is probably not a good idea)
>
>
> Is there an alternative approach?
Yes. Detaint in the usual way, probably with a lookup.
If you are decoding the mime file with its real name you must
have a reason, perhaps to make them available on a web page.
It would then be reasonable to check that the filename was
sensible in that context.
I wouldn't see a database looking as the mot obvious way to sanitize
the filename, but we do already have the tools to turn a pattern
matching into a lookup, so the flexibility is there.
--
Andrew C. Aitchison Kendal, UK
andrew@???
