diff options
author | Jeremy Harris <jgh146exb@wizmail.org> | 2020-01-10 12:07:19 +0000 |
---|---|---|
committer | Jeremy Harris <jgh146exb@wizmail.org> | 2020-01-11 17:02:48 +0000 |
commit | 1ea7f48754621db22ec40b6362823433d54bda62 (patch) | |
tree | f966218452801a91370fc891defb74de9281d00e | |
parent | 3fc07bd5708d5b42e5a9a3bcf7ea1928a35eccb3 (diff) |
Docs: add explicit warnings for some variables likely tainted
-rw-r--r-- | doc/doc-docbook/spec.xfpt | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 8b1522795..241540cfd 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -9815,6 +9815,12 @@ newline at the very end. For the &%header%& and &%bheader%& expansion, for those headers that contain lists of addresses, a comma is also inserted at the junctions between headers. This does not happen for the &%rheader%& expansion. +.new +.cindex "tainted data" +When the headers are from an incoming message, +the result of expanding any of these variables is tainted. +.wen + .vitem &*${hmac{*&<&'hashname'&>&*}{*&<&'secret'&>&*}{*&<&'string'&>&*}}*& .cindex "expansion" "hmac hashing" @@ -12192,6 +12198,12 @@ When the &%smtp_etrn_command%& option is being expanded, &$domain$& contains the complete argument of the ETRN command (see section &<<SECTETRN>>&). .endlist +.new +.cindex "tainted data" +If the origin of the data is an incoming message, +the result of expanding this variable is tainted. +.wen + .vitem &$domain_data$& .vindex "&$domain_data$&" @@ -12386,7 +12398,11 @@ because a message may have many recipients and the system filter is called just once. .new -&*Warning*&: the content of this variable is provided by a potential attacker. +.cindex "tainted data" +If the origin of the data is an incoming message, +the result of expanding this variable is tainted. + +&*Warning*&: the content of this variable is usually provided by a potential attacker. Consider carefully the implications of using it unvalidated as a name for file access. This presents issues for users' &_.forward_& and filter files. |