[exim] Tainted filename after update to debian bookworm

Pàgina inicial
Delete this message
Reply to this message
Autor: klabautermann--- via Exim-users
Data:  
A: Exim Users
Assumpte: [exim] Tainted filename after update to debian bookworm
After upgrading to debian bookworm I can't send any longer messages, as my ACLs are broken.

I receive the error message: "Tainted filename for search", when doing a check, if a given Sender address is allowed to be used from an authenticated sender.

I have several virtual domains, with users, who have also aliases, they are allowed to use as Sender addresses.
The condition in the ACL looks like:
>condition = ${lookup {$sender_address} nwildlsearch {VIRT_ROOT${domain:$authenticated_id}/conf/SendPermissions/$authenticated_id}{yes}{no}}


Now I found, that I am no longer allowed, to use $domain in such constructs, so I replaced it with
>condition = ${lookup {$sender_address} nwildlsearch {VIRT_ROOT${domain_data:$authenticated_id}/conf/SendPermissions/$authenticated_id}{yes}{no}}


But that makes no difference.

The lookup database is a hierarchical directory structure and looks like:
/var/virtualmailaccounts/DOMAIN/conf/SendPermissions/LOGINACCOUNT@DOMAIN <http://wkraft.org/conf/SendPermissions/workstation@wkraft.org>
so the last directory looks like the mail-address used for login authentication to exim and contains a list with valid aliases.

What can I do, that I can get this again working?

--
Sent with Tuta; enjoy secure & ad-free emails:
https://tuta.com

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/