Andrew C Aitchison <andrew@???> wrote:
> > I don't understand why require_files did not trigger the check, though,
> > but using the tainted variable $local_part there will be a problem.
>
> As I understand, "require_files" detaints,
> since a secure file-system is a database of trust.

The file system is, but $local_part could be "../whatever", ending up in
a quite different file than what the admin had in mind, so using
require_files on a tainted value should cause an error. However,
https://www.exim.org/exim-html-current/doc/html/spec_html/ch-generic_options_for_routers.html
does not say anything regarding tainted values one way or the other.

dsearch does not allow ".." as a path component.

Michael
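
The concern raised above, as an added Python sketch (not Exim code and not part of the original message): an existence check on a path built from the tainted value passes for "../whatever", while a lookup that returns the matching directory entry name does not. The function names and directory layout are assumptions, and `dsearch_like` only models the behaviour the message describes, not Exim's implementation.

```python
import os
import tempfile


def naive_require_file(base, local_part):
    """Model of building a path from the tainted value and only testing existence."""
    path = os.path.join(base, local_part)
    return os.path.exists(path), os.path.realpath(path)


def dsearch_like(base, key):
    """Return the directory entry equal to key, or None.

    The returned string comes from the directory listing, not from the
    caller's input, and keys that are path components are refused.
    """
    if not key or "/" in key or key in (".", ".."):
        return None
    for entry in os.listdir(base):
        if entry == key:
            return entry
    return None


def demo():
    # Constructed layout: <root>/forwards/alice is what the admin intended,
    # <root>/whatever lies outside that directory.
    with tempfile.TemporaryDirectory() as root:
        root = os.path.realpath(root)
        fwd = os.path.join(root, "forwards")
        os.mkdir(fwd)
        open(os.path.join(fwd, "alice"), "w").close()
        open(os.path.join(root, "whatever"), "w").close()
        exists, resolved = naive_require_file(fwd, "../whatever")
        return {
            "naive_exists": exists,
            "naive_escaped": exists and not resolved.startswith(fwd + os.sep),
            "dsearch_traversal": dsearch_like(fwd, "../whatever"),
            "dsearch_dotdot": dsearch_like(fwd, ".."),
            "dsearch_alice": dsearch_like(fwd, "alice"),
        }


if __name__ == "__main__":
    print(demo())
```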