On 17/11/2022 19:10, Jeremy Harris via Exim-users wrote:
On 17/11/2022 16:36, Martin Clayton via Exim-users wrote:
So, sorry to be a tainted dummy, but I'm still left wondering how to
deal with this.
{exists{VHOST_DIR/$domain_data/VHOST_CONFIG_DIR/blacklists/${extract{1}{=!&/}{$item}{$value}{$item}}}}
The filename there is built from a directory path which is not tainted,
and a filename which is. This is a standard pattern for detainting
using a dsearch lookup
> [...] docs [...]
So, use a ${lookup {tainted_thing} dsearch {untainted_path} {found}
{not_found}}.
Huge thanks for the direction and clarity. I'm sure I can now get the
new machine purring. I'm usually fairly good with docs and find exim4
particularly 'tight' (in a good way), sometimes, 'intense'. ;) Normally,
it's battling with syntax but this one feels more like policy and I lost
the way. 'Taint easy but one day I'll have a better grip on the
fundamentals and the blindingly obvious will be visible -- although, I
can see how that could go wrong :)
I'm looking at such a small part of exim, how you/team keep the whole
project together is simply amazing.
Thanks!
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
