[exim] Re: tainted uux transport

Página Inicial
Delete this message
Reply to this message
Autor: Jeremy Harris
Data:  
Para: exim-users
Assunto: [exim] Re: tainted uux transport
On 30/07/2023 18:30, Randy Bush via Exim-users wrote:
> 2023-07-30 14:23:11 1qQ7KA-000BIX-27 ** foo@??? R=force_uucp T=uux: Tainted
> arg 4 for uux transport command: '(@foo.com)'
>
> uux:
>    driver = pipe
>    command = "/usr/local/bin/uux - -r $host!rmail ($local_part_suffix@$domain)"
>    path = "/usr/local/bin:/usr/bin:/bin"
>    return_fail_output
>    user = uucp


The docs have notes on tainted variables, what you
are no longer permitted to do, and on obtaining untainted
information. Start with the Concept Index.

If the router that selects that transport is specific for
a single domain, that is the ideal place.

--
Cheers,
Jeremy

PS: I'm amazed that someone still uses UUCP

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/