summaryrefslogtreecommitdiff
path: root/doc/doc-docbook
diff options
context:
space:
mode:
authorHeiko Schlittermann (HS12-RIPE) <hs@schlittermann.de>2016-02-01 13:13:27 +0100
committerHeiko Schlittermann (HS12-RIPE) <hs@schlittermann.de>2016-04-07 09:45:33 +0200
commit2f680c0c44778f97c056fb06d60fb03f4cf69c31 (patch)
treed8343559845483d313ac6a989591766e3543b237 /doc/doc-docbook
parentc0ebc07afcedf09ec166a31a6e14928c2cd03d26 (diff)
Add perl_taintmode option
Diffstat (limited to 'doc/doc-docbook')
-rw-r--r--doc/doc-docbook/spec.xfpt18
1 files changed, 18 insertions, 0 deletions
diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index e30f17cc0..5eb3d1909 100644
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -12977,6 +12977,17 @@ overriding the setting of &%perl_at_start%&.
There is also a command line option &%-pd%& (for delay) which suppresses the
initial startup, even if &%perl_at_start%& is set.
+.new
+.ilist
+.oindex "&%perl_taintmode%&"
+.cindex "Perl" "taintmode"
+To provide more security executing Perl code via the embedded Perl
+interpeter, the &%perl_taintmode%& option can be set. This enables the
+taint mode of the Perl interpreter. You are encouraged to set this
+option to a true value. To avoid breaking existing installations, it
+defaults to false.
+.wen
+
.section "Calling Perl subroutines" "SECID86"
When the configuration file includes a &%perl_startup%& option you can make use
@@ -13505,6 +13516,7 @@ listed in more than one group.
.table2
.row &%perl_at_start%& "always start the interpreter"
.row &%perl_startup%& "code to obey when starting Perl"
+.row &%perl_taintmode%& "enable taint mode in Perl"
.endtable
@@ -15622,14 +15634,20 @@ local parts. Exim's default configuration does this.
.option perl_at_start main boolean false
+.cindex "Perl"
This option is available only when Exim is built with an embedded Perl
interpreter. See chapter &<<CHAPperl>>& for details of its use.
.option perl_startup main string unset
+.cindex "Perl"
This option is available only when Exim is built with an embedded Perl
interpreter. See chapter &<<CHAPperl>>& for details of its use.
+.option perl_startup main boolean false
+.cindex "Perl"
+This Option enables the taint mode of the embedded Perl interpreter.
+
.option pgsql_servers main "string list" unset
.cindex "PostgreSQL lookup type" "server list"