From: Jeremy Harris Date: Sun, 12 Jul 2020 12:36:10 +0000 (+0100) Subject: Docs: add note on non-functionality of "exists" for de-tainting X-Git-Url: https://git.exim.org/users/heiko/exim.git/commitdiff_plain/040494b780a1f6db9f7dba0058c29e975241c1b0?hp=63c4307e5873801eaed051ef258d90a52a7d19e7 Docs: add note on non-functionality of "exists" for de-tainting --- diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 0ffc88c58..d981f6230 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -11656,6 +11656,11 @@ condition is true if the named file (or directory) exists. The existence test is done by calling the &[stat()]& function. The use of the &%exists%& test in users' filter files may be locked out by the system administrator. +.new +&*Note:*& Testing a path using this condition is not a sufficient way of +de-tainting it. +.wen + .vitem &*first_delivery*& .cindex "delivery" "first" .cindex "first delivery"