Re: [exim] Does exim4's `${sqlite_quote ... }` expansion de-…

Páxina inicial
Esta mensaxe é parte do seguinte fío:
M-\Árbore completa do fío ordenada por data
M\MAndrew C Aitchison o <-
MMMNick o ->
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Jeremy Harris
Data:  
Para: Nick, Nick via Exim-users, exim-users
Asunto: Re: [exim] Does exim4's `${sqlite_quote ... }` expansion de-taint the expanded value?
On 19 August 2022 17:04:22 BST, Nick via Exim-users <exim-users@???> wrote:
>Hello Exim users,
>
>I've a problem with Sqlite lookups and tainting.

>> My suspicion therefore is that it's actually the presence of
>> |$local_part| in the query which is the problem, and not the
>filename

>Is anyone here able to help with this question?


See the preferred syntax at

http://exim.org/exim-html-current/doc/html/spec_html/ch-file_and_database_lookups.html#SECTsqlite

The older syntax was unsuitable
for distinguishing the taint status of
the filename and the query string.

Esta mensaxe foi enviada ás seguintes listas:
Exim-users
Información da lista | Mensaxes recentes		<-Re: [exim] Does exim4's `${sqlite_quote ... }` expansion de-taint the expanded value?Re: [exim] Tainted arg 2 for mailman_transport transport command->
Tahini and Hummus and Cumin Development Archives administrado por cumin AdminsLurker (versión 2.3)