[exim] Re: Untainting data and Vacation configuration

Páxina inicial
Esta mensaxe é parte do seguinte fío:
MÁrbore completa do fío ordenada por data
MIan Z via Exim-users o <-
M 
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Glenn Gregorec
Data:  
Para: exim-users
Asunto: [exim] Re: Untainting data and Vacation configuration
Thank You Ian!

I have updated my lookup to this:

local_parts                 =
${lookup{${local_part}@${domain}}lsearch,{/usr/local/etc/dovecot/users}{$local_part}{no}}

This returns:

 internal_search_find: file="/usr/local/etc/dovecot/users"
   type=lsearch key="emailUser@???" opts=NULL
 file lookup required for emailUser@???
   in /usr/local/etc/dovecot/users
 creating new cache entry
 lookup yielded:
{BLF-CRYPT}$2a$05$xqWtKL1l.e3B98ISN0xbxOSROOIcMgAn6hIBZ7J9tHp/Wu28jvJfy::::::
emailUser in "emailUser"?
 list element: emailUser
 emailUser in "emailUser"? yes (matched "emailUser")
ROUTER - vacationUser for emailUser@emailDomain - Local_part_data is
emailUser - Domain_data is emailDomain
calling vacationUser router
rda_interpret (file):
'/var/vmail/$domain_data/$local_part_data@$domain_data/.vacation.msg'
expanded:
'/var/vmail/emailDomain/emailUser@???/.vacation.msg' (tainted)
vacationUser router: defer for emailUser@???
  message: Tainted name
'/var/vmail/emailDomain.com/emailUser@???/.vacation.msg' for
file read not permitted

This gets the lookup to work.  However, my $domain_data and
$local_part_data are still tainted?  Everything I have read says they
should only have untainted data.  What am I doing wrong?  :-/

Thank You!

glenn



On 2024-03-22 12:20 PM, Ian Z via Exim-users wrote:
> On Fri, Mar 22, 2024 at 11:51:05AM -0700, Glenn Gregorec via Exim-users wrote:
>
>> emailUser in "emailUser@???"?
>> list element: emailUser@???
>> emailUser in "emailUser@???"? no (end of list)
>> Is this not trying to lookup the string "emailUser" in the string
>> "emailUser@???"? Should this not return true?
> This part is easy: the answer is no. "List" in exim is a technical term,
> they are more structured than mere strings.
>
> emailUser in "emailUser : emailDomain.com"
>
> would return true.
>


--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Esta mensaxe foi enviada ás seguintes listas:
Exim-users
Información da lista | Mensaxes recentes		<-[exim] Re: Untainting data and Vacation configuration[exim] Re: Select a router per recipient on incoming messages->
Tahini and Hummus and Cumin Development Archives administrado por cumin AdminsLurker (versión 2.3)