Dean Brooks via Exim-users <exim-users@exim.org> wrote: > On Fri, Apr 29, 2022 at 05:16:45PM +0100, Andrew C Aitchison via Exim-users > wrote: > > > Given that taint checking appeared in Exim 4.93 and > > allow_insecure_tainted_data in Exim 4.95, > > this (Exim 4.96) would be the first time that allow_insecure_tainted_data > > would actually be helpful. > > > > Is it just me, or are others worried about the new taint checking > > having unexpected consequences and no way to disable it for debugging ? > > I'd prefer the allow_insecure_tainted_data never be removed, now or in the > future. At the least, as an experimental feature that requires intentional > enabling during a source build. At the worst as a separate community > maintained patch against the official source for each new release. > Maintaining production mail systems that handle millions of messages a month > is no trivial feat, and a single taint failure can turn (and has turned) a > routine upgrade plan into a mess.
100% agreement. Having to include it as build option is reasonable. Michael -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/