On 06/07/2023 17:21, Andrew C Aitchison via Exim-dev wrote:
> I'm writing a CLIENTID extension for exim which will
> add some variables to be used in the exim config.
>
> One of them, call it "token", is unsafe and cannot be safely untainted
> (it is a string of "between 1 and 128 printable characters") so I am
> thinking of exposing a second variable which is the string hex-encoded.
That second one should also be tainted, in that case, so I don't see
it buys you anything. But - why does it matter if the value is
tainted? How is it expected to be used?
--
Cheers,
Jeremy
--
## subscription configuration (requires account):
##
https://lists.exim.org/mailman3/postorius/lists/exim-dev.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-dev-unsubscribe@???
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/