Re: [exim] Taint checker confusing error (blaming file but c…

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Jeremy Harris
Datum:  
To: exim-users
Betreff: Re: [exim] Taint checker confusing error (blaming file but caused by later ldap lookup)
On 22/12/2021 13:11, Michael Haardt via Exim-users wrote:
>>> Perhaps quote_ldap should return an untainted string?
>>
>> No, it does no real checking so would just be
>> an easy thing to abuse.
>
> How would you do that? After all, originally it was introduced to prevent
> just that, so people need to know.
>
> Or are you talking about using quote_ldap outside the scope of ldap queries?


The latter. Having quote_ldap do a detaint operation
would be foolish, because it could (and would) be used in
any context, including non-ldap-lookup ones, to defeat the
purpose of taint-tracking. It could even potentially be
used as part of an exploit.

My "it" was referring to quote_ldap.
--
Cheers,
Jeremy