Re: [exim] Should the taint checks apply to arguments?

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Evgeniy Berdnikov
Date:  
À: exim-users
Sujet: Re: [exim] Should the taint checks apply to arguments?
On Tue, Jun 01, 2021 at 12:56:04PM +0200, Sebastian via Exim-users wrote:
> Fetching in the argument via environment variable is safe (as long as you in the script doesn't use
> it for something dangerous, but that▓s not exim's fault), since then you cannot use the variable to
> escape out of the shell.


There was a bug in Bash: any environment variable containing "name(){...}"
was interpreted as a function definition on shell startup. It has lead to
several exploits against Apache and other web servers distributed with
innocent shell scripts (such as "printenv") in cgi-bin adirectories.
--
Eugene Berdnikov