Re: [exim] Tainted string changes 4.93

2020-06-29 Thread Jeremy Harris via Exim-users
On 29/06/2020 04:57, Robert Blayzor via Exim-users wrote:
> The router hitting:
> 
> local_aliases:
>   driver = redirect
>   allow_fail = true
>   allow_defer = true

+   local_parts = ${lookup{$local_part}wildlsearch,ret=key{/opt/etc/exim/aliases}}

>   data = ${expand:${lookup{$local_part}wildlsearch{/opt/etc/exim/aliases}}}
>   user = mailnull
>   group = mail
>   file_transport = address_file
>   pipe_transport = address_pipe
> 
> 
> address_pipe:
>   driver = pipe
>   path = /usr/local/bin:/usr/local/sbin:/sbin:/bin:/usr/sbin:/usr/bin
>   return_output
> 
> 
> 

> where our alias file hits:
> 
> ^sms\+  "| /bin//smssend -e -c ${sg{$local_part}{^sms.(.*)}{\$1}}"

replace with
 ^sms\+  "| /bin//smssend -e -c ${sg{$local_part_data}{^sms.(.*)}{\$1}}"
-- 
Cheers,
  Jeremy

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
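
An added example, not part of the thread and not Exim code: a small Python audit that lists alias-file pipe targets still referencing the variables seen in the rejected strings on this page, so they can be moved to `$local_part_data` as suggested in the reply above. The variable list, the sample alias entries and the function names are assumptions made for illustration.

```python
import re

# Variables that appear inside the rejected strings in this thread's logs.
# Assumption: the list comes from those log lines, not from Exim's source.
TAINTED = ("local_part", "local_part_suffix", "domain")

# Match $name or ${name}. The lookahead keeps $local_part from matching inside
# $local_part_data; the lookbehind skips escaped dollars such as \$1.
VAR_RE = re.compile(r"(?<!\\)\$\{?(" + "|".join(TAINTED) + r")(?![A-Za-z0-9_])")

# Constructed sample in the layout of the alias file quoted in the thread.
SAMPLE = r'''
# constructed alias entries
^sms\+   "| /bin//smssend -e -c ${sg{$local_part}{^sms.(.*)}{\$1}}"
^page\+  "| /bin//smssend -e -c ${sg{$local_part_data}{^page.(.*)}{\$1}}"
postmaster: root
'''

def pipe_command(rhs):
    """Return the command if the alias target is a pipe, else None."""
    target = rhs.strip()
    if len(target) >= 2 and target[0] == target[-1] == '"':
        target = target[1:-1]
    target = target.lstrip()
    return target[1:].strip() if target.startswith("|") else None

def audit_aliases(text):
    """Return (line_no, key, variables) for pipe targets using listed variables."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) != 2:
            continue
        key, rhs = parts[0].rstrip(":"), parts[1]
        cmd = pipe_command(rhs)
        if cmd is None:
            continue          # plain address or file target, not a pipe
        used = sorted(set(VAR_RE.findall(cmd)))
        if used:
            findings.append((no, key, used))
    return findings

if __name__ == "__main__":
    for no, key, used in audit_aliases(SAMPLE):
        print(f"line {no}: alias {key} uses {used} in a pipe command")
```
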


Re: [exim] Tainted string changes 4.93

2020-06-28 Thread Robert Blayzor via Exim-users
I should have added the obvious. We are now on 4.94 on FreeBSD 12.

The router hitting:

local_aliases:
  driver = redirect
  allow_fail = true
  allow_defer = true
  data = ${expand:${lookup{$local_part}wildlsearch{/opt/etc/exim/aliases}}}
  user = mailnull
  group = mail
  file_transport = address_file
  pipe_transport = address_pipe


address_pipe:
  driver = pipe
  path = /usr/local/bin:/usr/local/sbin:/sbin:/bin:/usr/sbin:/usr/bin
  return_output



-- 
inoc.net!rblayzor
XMPP: rblayzor.AT.inoc.net
PGP:  https://pgp.inoc.net/rblayzor/



[exim] Tainted string changes 4.93

2020-06-28 Thread Robert Blayzor via Exim-users
Since we follow the FreeBSD ports tree a little too carefully we were
bitten by the tainted string changes in 4.93.

We use a system aliases file that calls pipe transport ultimately and we
see in error log now:

Tainted '/bin/smssend -e -c foo' (command for address_pipe transport)
not permitted


where our alias file hits:

^sms\+  "| /bin//smssend -e -c ${sg{$local_part}{^sms.(.*)}{\$1}}"


Basically we look for any local part that is "sms#" and pipe
just that part to our external...

Now with tainted strings we cannot do that. What's the easy fix?


-- 
inoc.net!rblayzor
XMPP: rblayzor.AT.inoc.net
PGP:  https://pgp.inoc.net/rblayzor/



Re: [exim] tainted string in 4.93

2020-02-26 Thread Max Kostikov via Exim-users

Larry (and Dima of course), thanks a lot!
Now all looks good.
Hallelujah!

Larry Rosenman via Exim-users wrote on 2020-02-26 19:38:

> Please try the latest FreeBSD port of mail/exim.  Dima Panov
> (flu...@freebsd.org)
> picked up all the patches in 4.93+fixes, and it fixed all MY taint
> issues.
>
> 4.93.0.4_3 is the version.


--
With best regards,
Max Kostikov

W: https://kostikov.co | DeltaChat: m...@eprove.net




Re: [exim] tainted string in 4.93

2020-02-26 Thread Larry Rosenman via Exim-users

On 02/26/2020 5:10 am, Max Kostikov via Exim-users wrote:

> Some debug on this issue (FreeBSD 12.1)
>
> 12:58:46 22061   exim 4.93.0.4 daemon started: pid=22061, -q15m,
> listening for SMTP on [1.2.3.4]:{25,465,587}
> [2001:2:3:4::1]:{25,465,587} [127.0.0.1]:{25,465,587} [::1]:25 ... ...
> 12:58:46 22061 set_process_info: 22061 daemon(4.93.0.4): -q15m,
> listening for SMTP on [1.2.3.4]:{25,465,587}
> [2001:2:3:4::1]:{25,465,587} [127.0.0.1]:{25,465,587} [::1]:25 ... ...
> 12:58:46 22061 SPF_dns_exim_new
> spf_compile.c:523Debug: Parsing macro starting at
> Please%_see%_http://www.openspf.org/Why?id=%{S}=%{C}=%{R}
> spf_compile.c:1210   Debug: Compiling record v=spf1
> spf_compile.c:523Debug: Parsing macro starting at
> Please%_see%_http://www.open-spf.org/Why?id=%{S}=%{C}=%{R}
> 12:58:46 22061 daemon running with uid=26 gid=6 euid=26 egid=6
> 12:58:46 22061 SIGALRM received
> 12:58:46 22061 1 queue-runner process running
> 12:58:46 22061 Listening...
> 12:58:46 32950 Starting queue-runner: pid 32950
> 12:58:46 32950 exec /usr/local/sbin/exim -qG
> 2020-02-26 12:58:46 1j6uLP-0008su-Lw attempt to expand tainted string
> '$local_part@$domain'
> 2020-02-26 12:58:46 1j6uLP-0008su-Lw == f...@example.com
> R=spamassassin_router T=spamassassin_local defer (-1): Expansion of
> "$local_part@$domain" from command "/usr/local/bin/spamc -s 2097152 -u
> $local_part@$domain" in transport filter failed: attempt to expand
> tainted string '$local_part@$domain'
> 12:58:46 22061 child 32950 ended: status=0x0
> 12:58:46 22061   normal exit, 0




Please try the latest FreeBSD port of mail/exim.  Dima Panov 
(flu...@freebsd.org)
picked up all the patches in 4.93+fixes, and it fixed all MY taint 
issues.


4.93.0.4_3 is the version.



--
Larry Rosenman http://www.lerctr.org/~ler
Phone: +1 214-642-9640 E-Mail: l...@lerctr.org
US Mail: 5708 Sabbia Dr, Round Rock, TX 78665-2106





Re: [exim] tainted string in 4.93

2020-02-26 Thread Max Kostikov via Exim-users

Some debug on this issue (FreeBSD 12.1)

12:58:46 22061   exim 4.93.0.4 daemon started: pid=22061, -q15m, 
listening for SMTP on [1.2.3.4]:{25,465,587} 
[2001:2:3:4::1]:{25,465,587} [127.0.0.1]:{25,465,587} [::1]:25 ... ...
12:58:46 22061 set_process_info: 22061 daemon(4.93.0.4): -q15m, 
listening for SMTP on [1.2.3.4]:{25,465,587} 
[2001:2:3:4::1]:{25,465,587} [127.0.0.1]:{25,465,587} [::1]:25 ... ...

12:58:46 22061 SPF_dns_exim_new
spf_compile.c:523Debug: Parsing macro starting at 
Please%_see%_http://www.openspf.org/Why?id=%{S}=%{C}=%{R}

spf_compile.c:1210   Debug: Compiling record v=spf1
spf_compile.c:523Debug: Parsing macro starting at 
Please%_see%_http://www.open-spf.org/Why?id=%{S}=%{C}=%{R}

12:58:46 22061 daemon running with uid=26 gid=6 euid=26 egid=6
12:58:46 22061 SIGALRM received
12:58:46 22061 1 queue-runner process running
12:58:46 22061 Listening...
12:58:46 32950 Starting queue-runner: pid 32950
12:58:46 32950 exec /usr/local/sbin/exim -qG
2020-02-26 12:58:46 1j6uLP-0008su-Lw attempt to expand tainted string 
'$local_part@$domain'
2020-02-26 12:58:46 1j6uLP-0008su-Lw == f...@example.com 
R=spamassassin_router T=spamassassin_local defer (-1): Expansion of 
"$local_part@$domain" from command "/usr/local/bin/spamc -s 2097152 -u 
$local_part@$domain" in transport filter failed: attempt to expand 
tainted string '$local_part@$domain'

12:58:46 22061 child 32950 ended: status=0x0
12:58:46 22061   normal exit, 0


Max Kostikov via Exim-users wrote on 2020-02-25 22:44:

> With latest Exim (4.93.0.4) FreeBSD ports and fixes I still have
>
> 2020-02-24 19:48:02 1j6Hpq-000KXu-9y Taint mismatch, Ustrncpy:
> ip_unixsocket 518
>
> and no incoming mail.
> Apparently it is related to "pipe" command in filters.
>
> Jeremy Harris via Exim-users wrote on 2020-02-25 12:31:
>
>> On 24/02/2020 23:05, Aristedes Maniatis via Exim-users wrote:
>>> After an upgrade to 4.93 from 4.92 (FreeBSD ports), I am getting
>>
>> Multiple people are reporting issues with FreeBSD.  Please contact
>> the FreeBSD maintainer and check if the +patches branch is being
>> tracked.
>> --
>> Cheers,
>>   Jeremy


--
With best regards,
Max Kostikov

W: https://kostikov.co | DeltaChat: m...@eprove.net




Re: [exim] tainted string in 4.93

2020-02-25 Thread Max Kostikov via Exim-users

With latest Exim (4.93.0.4) FreeBSD ports and fixes I still have

2020-02-24 19:48:02 1j6Hpq-000KXu-9y Taint mismatch, Ustrncpy: 
ip_unixsocket 518


and no incoming mail.
Apparently it is related to "pipe" command in filters.

Jeremy Harris via Exim-users wrote on 2020-02-25 12:31:

> On 24/02/2020 23:05, Aristedes Maniatis via Exim-users wrote:
>> After an upgrade to 4.93 from 4.92 (FreeBSD ports), I am getting
>
> Multiple people are reporting issues with FreeBSD.  Please contact
> the FreeBSD maintainer and check if the +patches branch is being
> tracked.
> --
> Cheers,
>   Jeremy


--
With best regards,
Max Kostikov

W: https://kostikov.co | DeltaChat: m...@eprove.net




Re: [exim] tainted string in 4.93

2020-02-25 Thread Jeremy Harris via Exim-users
On 24/02/2020 23:05, Aristedes Maniatis via Exim-users wrote:
> After an upgrade to 4.93 from 4.92 (FreeBSD ports), I am getting

Multiple people are reporting issues with FreeBSD.  Please contact
the FreeBSD maintainer and check if the +patches branch is being
tracked.
-- 
Cheers,
  Jeremy



Re: [exim] tainted string in 4.93

2020-02-25 Thread Kurt Jaeger via Exim-users
Hi!

> After an upgrade to 4.93 from 4.92 (FreeBSD ports), I am getting
> 
> 
> 2020-02-24 18:13:08 1j67LU-0005vG-1C == a...@ish.com.au R=localuser
> T=local_delivery defer (0): Expansion of
> "${local_part}${local_part_suffix}@$domain" from command
> "/usr/local/libexec/dovecot/dovecot-lda -a
> ${local_part}${local_part_suffix}@$domain -d $local_part@$domain -f
> $sender_address" in local_delivery transport failed: attempt to expand
> tainted string '${local_part}${local_part_suffix}@$domain'
> 
> 
> I don't understand how to work around this problem because there is
> nothing in the manual I could find around how to mark a particular string
> as not tainted, or to filter it appropriately to be safe. Any pointers on
> what to do here?

There's another update for the FreeBSD port mail/exim, committed
today:

https://lists.freebsd.org/pipermail/svn-ports-all/2020-February/243949.html

this updates to exim 4.93.0.4, which should cover those tainted
error messages.

-- 
p...@opsec.eu  +49 171 3101372  Now what ?



[exim] tainted string in 4.93

2020-02-25 Thread Aristedes Maniatis via Exim-users

After an upgrade to 4.93 from 4.92 (FreeBSD ports), I am getting


2020-02-24 18:13:08 1j67LU-0005vG-1C == a...@ish.com.au R=localuser 
T=local_delivery defer (0): Expansion of 
"${local_part}${local_part_suffix}@$domain" from command 
"/usr/local/libexec/dovecot/dovecot-lda -a 
${local_part}${local_part_suffix}@$domain -d $local_part@$domain -f 
$sender_address" in local_delivery transport failed: attempt to expand 
tainted string '${local_part}${local_part_suffix}@$domain'



I don't understand how to work around this problem because there is 
nothing in the manual I could find around how to mark a particular 
string as not tainted, or to filter it appropriately to be safe. Any 
pointers on what to do here?



Cheers

Ari

