On 06/07/2023 17:21, Andrew C Aitchison via Exim-dev wrote:
I'm writing a CLIENTID extension for exim which will
add some variables to be used in the exim config.
One of them, call it "token", is unsafe and cannot be safely untainted
(it is a string of "between 1 and 128 printable characters") so I am
thinking of exposing a second variable which is the string hex-encoded.
That second one should also be tainted, in that case, so I don't see
it buys you anything. But - why does it matter if the value is
tainted? How is it expected to be used?
--
Cheers,
Jeremy
--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-dev.lists.exim.org/
## unsubscribe (doesn't require an account):
## [email protected]
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
