Re: [exim] Exim.conf and tainted data

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Jeremy Harris
Datum:  
To: exim-users
Betreff: Re: [exim] Exim.conf and tainted data
On 01/10/2021 18:34, Matthew Daubenspeck via Exim-users wrote:
> local_aliases:
>     driver = redirect
>     allow_defer
>     allow_fail
>     domains = lsearch;/etc/exim/config/local.domains
>     data = ${lookup{$local_part}lsearch{/etc/exim/config/$domain/local.aliases}}


$domain contains tainted data and may not be used to specify
a file.

However, the "domains" precondition on the router will have
populated $domain_data with what is likely a suitable value
to use. The value is not tainted.

>     file_transport = address_file
>     pipe_transport = address_pipe
>     retry_use_local_part
>     cannot_route_message = Unknown user
>     no_more

>
>
> transports:
>
> local_delivery:
>    driver = appendfile
>    directory =/home/$local_part/.maildir


$local_part contains tainted data and may not be used to specify
a file.

If this is a delivery to a "real" user, existing in /etc/password
with a real home directory, and the router calling this
transport used a "check_local_user" option, then $local_part_data
will have been set to a suitable untainted value.

Otherwise, your router should be doing an explicit lookup to
check that the local_part is legitimate. Doing this using a
"local_parts" precondition will result in $local_part_data
being populated.

>    maildir_format
>    delivery_date_add
>    envelope_to_add
>    return_path_add



--
Cheers,
Jeremy