On 09/01/2020 19:52, Michael Haardt via Exim-users wrote:
>> ChangeLog, 4.93 :-
>>
>> JH/32
>> Introduce a general tainting mechanism for values read from the input
>> channel, and values derived from them. Refuse to expand any tainted
>> values, to catch one form of exploit.
>
> Ok, so the problem was not in Sieve operation itself, but in the fact that
> a Sieve script was read (expanded) from a path that contained $local_part?
> If so, why was the script executed?

That's a stage of enforcement yet to be implemented. Perhaps next release.
Currently, only explicit expansions have the enforcement but it needs
extending to implicit ones also.

> What's the suggested way to do that for virtual domains, that is many
> mailboxes that all belong to the same local user, and which are not
> obtained through a lookup, but through the filesystem itself?

The result of a lookup is untainted, and will likely remain so (even if
the key for the lookup is tainted, e.g. $local_part). So whatever you're
doing now should still work, so long as you don't name the DB for the
lookup using tainted data.
--
Cheers,
  Jeremy
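
The lookup point in the reply above, as an added Exim configuration fragment (not from the thread or from the Exim project). The router name, paths, map file and `vmail` user are hypothetical, and only the options relevant to tainting are shown.

```exim
# Constructed example; router name, paths and map file are hypothetical.
# /etc/exim/vmail.map (fixed name, admin-controlled) holds lines such as:
#   alice: alice
#   bob:   bob

vmail_sieve:
  driver = redirect
  # The key is the tainted $local_part; the DB name is a fixed string.
  local_parts = lsearch;/etc/exim/vmail.map
  # $local_part_data is the value returned by the lookup above, so the
  # path is built from lookup output rather than from the input channel.
  file = /srv/vmail/$local_part_data/filter.sieve
  allow_filter
  user = vmail

# Form to avoid: the DB for the lookup is itself named with tainted data.
#   local_parts = lsearch;/etc/exim/maps/$local_part
# Form the thread asks about: path taken straight from the input channel.
#   file = /srv/vmail/$local_part/filter.sieve
```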
