On Thu, 21 May 2009, Matt Sergeant wrote:
On Thu, 21 May 2009, Devin Carraway wrote:
On Wed, May 20, 2009 at 09:40:21PM -0400, Charlie Brady wrote:
> I think the -T *should* be there on the command line, but there are some
> bugs in qpsmtpd and/or your plugins which need to be fixed before it
> will
> work.
forkserver has used -T since 29ac2860, back in 2004. Obviously prefork is
newer and has seen less testing, but most of the module code and plugins
have seen plenty of taint-checked use.
I guess this raises a question: The return values from config() are tainted.
Should we de-taint them?
That depends IMO on whether they can contain attack data. I don't see how
they could, so therefore the taint checking is just a nuisance, rather
than providing protection against unchecked hostile data. Hence blanket
de-taint is probably reasonable.