author | Jeremy Harris <jgh146exb@wizmail.org> | 2022-04-29 23:29:47 +0100 |
---|---|---|
committer | Jeremy Harris <jgh146exb@wizmail.org> | 2022-04-29 23:29:47 +0100 |
commit | 9bed290e97e67e12c2f56ef06c8f920c0945e432 (patch) | |
tree | 837fda426dec6dcecd51a1506e45a891fae4cd16 | |
parent | 93858e7c3b464e6c50fd034feea21e77a41a5bf0 (diff) |
Docs: more warnings on use of tainted data
-rw-r--r-- | doc/doc-docbook/spec.xfpt | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index e216a65a9..cf658a46d 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -10695,6 +10695,10 @@ executions from Exim, a shell is not used by default. If the command requires a shell, you must explicitly code it. The command name may not be tainted, but the remaining arguments can be. +&*Note*&: if tainted arguments are used, they are supplied by a +potential attacker; +a careful assessment for security vulnerabilities should be done. + If the option &'preexpand'& is used, .wen the command and its arguments are first expanded as one string. The result is @@ -13279,6 +13283,11 @@ This is not an expansion variable, but is mentioned here because the string (described under &%transport_filter%& in chapter &<<CHAPtransportgeneric>>&). It cannot be used in general expansion strings, and provokes an &"unknown variable"& error if encountered. +.new +&*Note*&: This value permits data supplied by a potential attacker to +be used in the command for a &(pipe)& transport. +Such configurations should be carefully assessed for security vulnerbilities. +.wen .vitem &$primary_hostname$& .vindex "&$primary_hostname$&" @@ -24731,6 +24740,11 @@ This list is a compromise for maximum compatibility with other MTAs. Note that the &%environment%& option can be used to add additional variables to this environment. The environment for the &(pipe)& transport is not subject to the &%add_environment%& and &%keep_environment%& main config options. +.new +&*Note*&: Using enviroment variables loses track of tainted data. +Writers of &(pipe)& transport commands should be wary of data supplied +by potential attackers. +.wen .display &`DOMAIN `& the domain of the address &`HOME `& the home directory, if set |
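Review bot: In the first hunk (@@ -10695), "a careful assessment for security vulnerabilities should be done" is too vague to act on; say what the assessment is for. The surrounding text already states that a shell is not used by default and must be explicitly coded, so the note would be stronger if it tied the warning to that case, e.g. "if tainted arguments are used, they are supplied by a potential attacker; this matters most when a shell has been explicitly coded, since the attacker then controls text handed to the shell's parser, and such commands should be carefully assessed for security vulnerabilities." Also consider saying "attacker-supplied" rather than "supplied by a potential attacker" in both places for consistency with the later hunks.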
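Review bot: In the second hunk (@@ -13283), "vulnerbilities" in the added line "Such configurations should be carefully assessed for security vulnerbilities." is misspelled; it should read "vulnerabilities". The opening "This value permits data supplied by a potential attacker" is also ambiguous given the preceding sentence says this is not an expansion variable; naming the item being described (the string set by &%transport_filter%&) instead of "This value" would make the warning self-contained when read in isolation.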
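Review bot: In the third hunk (@@ -24740), "enviroment" in "Using enviroment variables loses track of tainted data." should be "environment". Beyond the typo, the sentence should spell out the consequence for the reader: once a tainted value has been placed in the &(pipe)& transport's environment via the &%environment%& option, the command receiving it has no way to tell it was tainted, so the usual taint checks no longer apply to it. A phrasing such as "Values passed through environment variables lose their taint marking; commands run by the &(pipe)& transport should treat them as potentially attacker-supplied" carries the same warning more precisely.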