Re: [exim] exim-4.96RC0 - broken Mailman (2.x)

Góra strony
Delete this message
Reply to this message
Autor: Michael Haardt
Data:  
Dla: exim-users
Temat: Re: [exim] exim-4.96RC0 - broken Mailman (2.x)
Andrew C Aitchison <andrew@???> wrote:

> > I don't understand why require_files did not trigger the check, though,
> > but using the tainted variable $local_part there will be a problem.
>
> As I understand, "require_files" detaints,
> since a secure file-system is a database of trust.


The file system is, but $local_part could be "../whatever", ending up in
a quite different file than what the admin had in mind, so using
require_files on a tainted value should cause an error. However,

https://www.exim.org/exim-html-current/doc/html/spec_html/ch-generic_options_for_routers.html

does not say anything regarding tainted values one way or the other.

dsearch does not allow ".." as path component.

Michael