fail with a taint-check on the spoolfile name, and leave the message
queued.
fail with a taint-check on the spoolfile name, and leave the message
queued.
+HS/01 Enforce absolute PID file path name.
+
Exim version 4.94
-----------------
Exim version 4.94
-----------------
if (!*pid_file_path)
pid_file_path = string_sprintf("%s/exim-daemon.pid", spool_directory);
if (!*pid_file_path)
pid_file_path = string_sprintf("%s/exim-daemon.pid", spool_directory);
+
+if (pid_file_path[0] != '/')
+ log_write(0, LOG_PANIC_DIE, "pid file path %s must be absolute\n", pid_file_path);