From 9214d2e4dfd9d4f29e9cb7a0eea8a0758ed1b34a Mon Sep 17 00:00:00 2001
From: Jeremy Harris <jgh146exb@wizmail.org>
Date: Sat, 11 Jan 2020 21:48:25 +0000
Subject: pipe transport: taint-enforce command

---
 doc/doc-docbook/spec.xfpt | 6 ++++++
 doc/doc-txt/ChangeLog     | 3 ++-
 2 files changed, 8 insertions(+), 1 deletion(-)

(limited to 'doc')

diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index bb2ce122c..0e44b119b 100644
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -23816,6 +23816,12 @@ directories are also controllable. See chapter &<<CHAPenvironment>>& for
 details of the local delivery environment and chapter &<<CHAPbatching>>&
 for a discussion of local delivery batching.
 
+.new
+.cindex "tainted data" "in pipe command"
+.cindex pipe "tainted data"
+Tainted data may not be used for the command name.
+.wen
+
 
 .section "Concurrent delivery" "SECID140"
 If two messages arrive at almost the same time, and both are routed to a pipe
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 27292954a..c803fdb7e 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -88,7 +88,8 @@ JH/19 Bug 2507: Modules: on handling a dynamic-module (lookups) open failure,
       information.
 
 JH/20 Taint checking: disallow use of tainted data for the appendfile transport
-      file and directory options.  Previously this was permitted.
+      file and directory options, and for the pipe transport command.
+      Previously this was permitted.
 
 
 Exim version 4.93
-- 
cgit v1.2.3