I understand why it is dangerous to use tainted data in constructing
filenames so I can no longer run a command containing the local_part,
e.g.
data = |/home/exim/scripts/$local_part
I see that it is also an error to use, e.g.
data = |/home/exim/scripts/my_script $local_part
In this case the script is fixed and the tainted data is being used as
an argument. Is that still dangerous? The script can pick up the
local_part from the LOCAL_PART environment variable.
Richard
--
Richard Gilbert
IT Services
University of Sheffield, Sheffield, S10 2FN, UK
Phone: +44 114 222 3028
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
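
Added example, not part of the original post and not Exim's own code: a sketch of how the fixed `my_script` from the question could take the local part from the `LOCAL_PART` environment variable and allowlist-check it before use, since the value is still chosen by the sender whichever way it reaches the script. The function names, the spool directory and the permitted character set are assumptions.

```shell
#!/bin/sh
# Hypothetical body for my_script, run from a pipe delivery with no arguments.
# LOCAL_PART arrives in the environment; it is validated before any use.
LC_ALL=C; export LC_ALL        # make the [A-Za-z] ranges below byte-exact

# Hypothetical fixed directory, never derived from message data.
SPOOL_DIR=${SPOOL_DIR:-/home/exim/spool}

# Print the local part if it is safe as a single path component or a single
# command argument; return 1 otherwise.
validate_local_part() {
    lp=$1
    [ -n "$lp" ] || return 1                 # empty
    [ "${#lp}" -le 64 ] || return 1          # longer than a local part may be
    case $lp in
        -*|.*) return 1 ;;                   # option look-alike, dotfile, "..", "."
        *[!A-Za-z0-9._+-]*) return 1 ;;      # anything outside the allowlist
    esac
    printf '%s\n' "$lp"
}

main() {
    # Non-zero exit so the delivery is not treated as successful.
    lp=$(validate_local_part "${LOCAL_PART:-}") || exit 1
    # Message is on stdin. The value is always quoted and never passed to
    # eval, sh -c, or used as a command name.
    cat >> "$SPOOL_DIR/$lp"
}

# Run main only when invoked under the script's own name (assumed: my_script).
case ${0##*/} in
    my_script) main ;;
esac
```
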