Hi!
I'm using UUCP (over ssh) and updating exim to 4.96 caused some fun with
tainted variables. The uucp transport config includes
command = uux - -r $host!rmail ($local_part@$domain)
to send emails to a UUCP smarthost. As $local_part and $domain are now
tainted for pipe tranports I get errors like:
user@??? R=uucp_smarthost T=uucp_pipe: Tainted arg 4 for uucp_pipe
transport command: 'user@???'
IIRC, the 'recommended' way to solve issues with tainted variables is to
perform a database lookup. In this case (routing via a UUCP smarthost) I
can't create a database with all possible recipients for obvious reasons.
Luckily I found a post
(
https://jimbobmcgee.wordpress.com/2020/07/29/de-tainting-exim-configuration-variables/)
which shows a hack to deal with this situation. However, I would prefer a
recommended solution (if available) or suggest to add an option to allow
tainted variables in a specific transport configuration.
ciao
Markus
--
/ Markus Reschke \
\ madires@??? /
