[exim] Re: Upon applying 4.96-1 on test, "Tainted arg 2" app…

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: Kurt Jaeger
Ημερομηνία:  
Προς: Johnnie W Adams
Υ/ο: exim-users
Αντικείμενο: [exim] Re: Upon applying 4.96-1 on test, "Tainted arg 2" appears
Hi!

>      I applied 4.96-1 to our test systems and routing to the LISTSERVer
> began to fail with "*Tainted arg 2* for listserv_transport transport
> command:<name of LISTSERV>

>
>      The transport is quite simple:

>
> # Hand off to LISTSERV lsv_admin script
>
> listserv_transport:
>
> driver = pipe
>
> command = "/opt/lsoft/listserv/bin/lsv_amin /opt/lsoft/listserv/spool
> $local_part"
>
> return_output
>
>      What changed? And how do I fix it?


Exim is now checking data from external sources much more rigerous
and does not longer trust it. For the concept behind this:

http://www.exim.org/exim-html-current/doc/html/spec_html/ch-concept_index.html

Search in that index for the keyword 'de-tainting'.

In your case: "$local_part" is tainted, and has to be changed
so that it can be considered trustworthy.

-- 
pi@???            +49 171 3101372                    Now what ?


--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/