[exim-dev] [Bug 3065] local_part_data and domain_data not se…

Top Pagina
Delete this message
Reply to this message
Auteur: Exim Bugzilla
Datum:  
Aan: exim-dev
Onderwerp: [exim-dev] [Bug 3065] local_part_data and domain_data not set in autoreply transport once option
https://bugs.exim.org/show_bug.cgi?id=3065

Jeremy Harris <jgh146exb@???> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |INVALID


--- Comment #3 from Jeremy Harris <jgh146exb@???> ---
It's up to you in your config to obtain untainted data for use in various
situations.

Fundamentally this means using trusted data, stored on the system.
Using tainted values as index values for lookups in such local storage
is permitted and common. The lookup could be (eg.) in an SQL DB, for a file in
a
known directory, or in a list directly written in the config.

Using tainted data for a filename is one of those not-permissible things.


Try the Concept Index of the docs, under "detainting".

--
You are receiving this mail because:
You are on the CC list for the bug.

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-dev.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-dev-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/