From 9bed290e97e67e12c2f56ef06c8f920c0945e432 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Fri, 29 Apr 2022 23:29:47 +0100 Subject: [PATCH] Docs: more warnings on use of tainted data --- doc/doc-docbook/spec.xfpt | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index e216a65a9..cf658a46d 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -10695,6 +10695,10 @@ executions from Exim, a shell is not used by default. If the command requires a shell, you must explicitly code it. The command name may not be tainted, but the remaining arguments can be. +&*Note*&: if tainted arguments are used, they are supplied by a +potential attacker; +a careful assessment for security vulnerabilities should be done. + If the option &'preexpand'& is used, .wen the command and its arguments are first expanded as one string. The result is @@ -13279,6 +13283,11 @@ This is not an expansion variable, but is mentioned here because the string (described under &%transport_filter%& in chapter &<>&). It cannot be used in general expansion strings, and provokes an &"unknown variable"& error if encountered. +.new +&*Note*&: This value permits data supplied by a potential attacker to +be used in the command for a &(pipe)& transport. +Such configurations should be carefully assessed for security vulnerbilities. +.wen .vitem &$primary_hostname$& .vindex "&$primary_hostname$&" 
@@ -24731,6 +24740,11 @@ This list is a compromise for maximum compatibility with other MTAs. Note that the &%environment%& option can be used to add additional variables to this environment. The environment for the &(pipe)& transport is not subject to the &%add_environment%& and &%keep_environment%& main config options. +.new +&*Note*&: Using enviroment variables loses track of tainted data. +Writers of &(pipe)& transport commands should be wary of data supplied +by potential attackers. +.wen .display &`DOMAIN `& the domain of the address &`HOME `& the home directory, if set -- 2.30.2
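Review bot: In the first hunk (spec.xfpt around line 10695), the added note reads awkwardly as two clauses joined by a semicolon, and "they are supplied by a potential attacker" states as certain what tainted data only implies (it may come from an attacker). Suggest tightening to one sentence that keeps the same point, e.g. "&*Note*&: tainted arguments are data that may have been supplied by an attacker; the command should be carefully assessed for security vulnerabilities before such arguments are used." Unlike the other two hunks, this addition is not wrapped in its own .new/.wen pair; that is fine only if the insertion point is already inside the .new block that the following .wen closes, which is worth confirming.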
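Review bot: In the second hunk (spec.xfpt around line 13283), the last added line has a typo: "vulnerbilities" should be "vulnerabilities". Also, "This value" is ambiguous in a note that follows a paragraph saying the item "is not an expansion variable"; suggest naming the variable the note refers to (the one described in that entry) so the warning cannot be read as applying to &%transport_filter%&.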
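Review bot: In the third hunk (spec.xfpt around line 24740), the first added line has a typo: "enviroment" should be "environment". The sentence "Using enviroment variables loses track of tainted data" would also be clearer if it stated the mechanism the warning rests on, e.g. "Tainted data placed into environment variables is no longer tracked as tainted; the &(pipe)& transport command receives it as ordinary strings, so writers of such commands should treat every variable as potentially attacker-supplied."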