[exim-dev] Re: Variable names

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Jeremy Harris
Date:  
À: exim-dev
Sujet: [exim-dev] Re: Variable names
On 06/07/2023 17:21, Andrew C Aitchison via Exim-dev wrote:
> I'm writing a CLIENTID extension for exim which will
> add some variables to be used in the exim config.
>
> One of them, call it "token", is unsafe and cannot be safely untainted
> (it is a string of "between 1 and 128 printable characters") so I am
> thinking of exposing a second variable which is the string hex-encoded.


That second one should also be tainted, in that case, so I don't see
it buys you anything. But - why does it matter if the value is
tainted? How is it expected to be used?
--
Cheers,
Jeremy


--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-dev.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-dev-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/