Autore: Jeremy Harris Data: To: exim-users Oggetto: Re: [exim] Taint checker confusing error (blaming file but caused
by later ldap lookup)
On 22/12/2021 13:11, Michael Haardt via Exim-users wrote: >>> Perhaps quote_ldap should return an untainted string?
>>
>> No, it does no real checking so would just be
>> an easy thing to abuse.
>
> How would you do that? After all, originally it was introduced to prevent
> just that, so people need to know.
>
> Or are you talking about using quote_ldap outside the scope of ldap queries?
The latter. Having quote_ldap do a detaint operation
would be foolish, because it could (and would) be used in
any context, including non-ldap-lookup ones, to defeat the
purpose of taint-tracking. It could even potentially be
used as part of an exploit.
My "it" was referring to quote_ldap.
--
Cheers,
Jeremy
