Autor: Jeremy Harris Datum: To: exim-users Betreff: Re: [exim] exim-4.96rc0 Tainted arg
On 03/05/2022 13:22, Odhiambo Washington via Exim-users wrote: > Question is whether I am creating a security loophole by doing the above.
So long as the selection parameter "username" is a plain-old
column in your DB (and not some magic way of cooking the
"where" selectors) that looks fine.
I don't know if MySQL can do anything like the latter,
but if you are looking up real data in the DB, as most
people use a DB, you're good.