Re: [exim] Taint checker confusing error (blaming file but c…

Author: Jeremy Harris
Date:  
To: exim-users
Subject: Re: [exim] Taint checker confusing error (blaming file but caused by later ldap lookup)
On 22/12/2021 13:48, Michael Haardt via Exim-users wrote:
>> LOCALDOM = /etc/exim4/localdomains
>> domainlist d1 = @:localhost:LOCALDOM
>> domainlist d2 = ldap;ldap::///ou=mail,dc=do,dc=main?mailDomain?sub?mailDomain=$domain
>> domainlist local_domains = +d1 : +d2
> Why would that not be tainted? The $domain string "*" would still
> be good for a surprise, so taint checking is really needed here,
> as is quoting.
Unsure which "that" you mean.

Yes, $domain will be tainted. Using it as part of the
conditions in a lookup is still permitted; the taint-tracking
is not intended to stop that (because it is in general a useful
facility). But *that* domainlist, d2, does not also have
a file as a list-element - so the string-expansion of the
definition string (which becomes tainted) does not affect one.

The hope is that the string-expansion phases for the sub-lists
making up local_domains are done lazily. I could go look at
the coding, but I'm also lazy.

Yes, for the ldap lookup here, quoting should be done.
--
Cheers,
Jeremy
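As an added illustration of the points in this reply (not configuration from the original message or from the Exim project), here is the quoted domainlist setup with the ldap entry shown unquoted beside a quoted form. It assumes Exim's `${quote_ldap:...}` expansion operator and the single-colon `ldap:///` URL form; the directory base and attribute names are the ones from the quoted config and are placeholders.

```exim
# Keep the file-backed list in its own domainlist. Its definition string
# contains no expansion item, so nothing tainted ever reaches the filename.
LOCALDOM = /etc/exim4/localdomains
domainlist d1 = @ : localhost : LOCALDOM

# Weak form (from the quoted config): $domain is tainted, and it is spliced
# raw into the LDAP filter. Taint tracking permits this use, but the value
# is not quoted, so a domain like "*" changes the meaning of the filter.
# domainlist d2 = ldap;ldap:///ou=mail,dc=do,dc=main?mailDomain?sub?mailDomain=$domain

# Corrected form: quote the tainted value for the LDAP filter context.
domainlist d2 = ldap;ldap:///ou=mail,dc=do,dc=main?mailDomain?sub?mailDomain=${quote_ldap:$domain}

# The expanded d2 definition becomes tainted, but it holds no file element,
# so the tainted string never names a file; the file stays isolated in d1.
domainlist local_domains = +d1 : +d2
```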