On 13 Jul 2020, at 14:38, Jeremy Harris via Exim-users wrote:

On 13/07/2020 12:56, Niels Kobschätzki via Exim-users wrote:
I am looking through the documentation and the mailing list but I cannot
find out how to convert this simple acl:

 deny  message = Invalid user
        domains = partial-lsearch;/usr/local/etc/exim/conf/secondary_filter_domains

      # you did a search; $domain_data gets the result

        local_parts = !nwildlsearch;/usr/local/etc/exim/conf/secondary_accounts/$domain

When I just switch to $domain_data I get this error
failed to open /usr/local/etc/exim/conf/secondary_accounts/194.xxx.xxx.xxx for linear search: No such file or directory

    So the result was "194.xxx.xxx.xxx", which is rather different
from the equivalent to the $domain that you used to use.

You need to develop a way of both validating the $domain *and* getting
an untainted string for the file for your lookup checking the
local_parts condition...

You are validating $domain currently using a partial-lsearch.
The data isn't currently usable.  You could consider whether
that data is actually needed elsewhere (you're not using it here, so
far).
The key in the file isn't usable, if you're employing partial-
facilities.  You could consider whether you really need the partial-
matching feature.

You could validate by some other means, eg. the actual existence of
the file you're about to use for the local_parts condition. Hint:
"dsearch" (and ret-full, possibly).


And can someone give me a hint how do I test stuff like this? I know
there is exim -be, but I have no clue how I could just test if for example:
recipient = [email protected]
the above lookup will look in
/usr/local/etc/exim/conf/secondary_accounts/bar.org for “foo”

There's two ways.  Well, three.

- For ACL stuff, use the debug facilities and actual test messages.
  This can, depending on the test message source (smtp vs. non-)
  require running the daemon with debug.
- If you have a message sitting in spool, -bem  to set up all the
  variables from it.
- Sprinkle printf, errm, logwrite  liberally around.

Thanks a lot. I will have to see how I work these answers into my solution.

Niels

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
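
The dsearch hint from the reply above, written out as an ACL fragment. This is an added example, not configuration posted by either participant; it reuses the directory paths from the original ACL and assumes one file per domain under secondary_accounts/, named exactly after the domain.

```exim
# Before (from the thread): $domain is taken from the SMTP recipient, so it
# is tainted and Exim refuses to use it as part of a file name.
#
#   deny  message     = Invalid user
#         domains     = partial-lsearch;/usr/local/etc/exim/conf/secondary_filter_domains
#         local_parts = !nwildlsearch;/usr/local/etc/exim/conf/secondary_accounts/$domain

# After: validate the domain by the existence of its per-domain file.
# dsearch matches only when a directory entry named exactly $domain exists,
# and $domain_data is then that entry's name as read from the filesystem,
# so it is untainted and can safely be used to build the path.
deny  message     = Invalid user
      domains     = dsearch;/usr/local/etc/exim/conf/secondary_accounts
      local_parts = !nwildlsearch;/usr/local/etc/exim/conf/secondary_accounts/$domain_data

# Variant (assumption: the installed Exim's dsearch accepts the ret=full
# option mentioned in the reply). $domain_data then holds the full path.
#
#   deny  message     = Invalid user
#         domains     = dsearch,ret=full;/usr/local/etc/exim/conf/secondary_accounts
#         local_parts = !nwildlsearch;$domain_data
```

This trades the partial- matching of the original domains line for an exact match on the file name, and a domain with no file in the directory no longer matches this deny statement at all.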
