On Wed, 26 Jan 2011, Phil Pennock wrote:

> On 2011-01-26 at 10:14 +0000, Dr Andrew C Aitchison wrote:
>>
>> The diff from 4.73 is big enough that it isn't trivially obvious
>> that there are sanity checks to stop a (local) hacker from substituting
>> non-standard libraries. Can you confirm this?
>
> Yes.
>
> All dynamically loadable lookups must be stored in a directory whose
> name is specified at compile-time. Lookup names can not be specified,
> so there are no directory traversal attacks; instead, that directory is
> scanned, on every Exim invocation, and Exim attempts to load files
> therein. [Exim re-invokes itself for every delivery attempt, so that's
> quite often.]
Thanks for the reassurance and saving me from spending the time reading the code.

-- 
Dr. Andrew C. Aitchison Computer Officer, DPMMS, Cambridge
[email protected] http://www.dpmms.cam.ac.uk/~werdna

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
