Re: exim4 upload to stable (dovecot stability / and optionally spf quoting)

[Andreas Metzler <ametzler@downhill.at.eu.org>]

On 2013-01-07 Philipp Kern <pkern@debian.org> wrote:
> On Sat, Jan 05, 2013 at 02:20:06PM +0100, Andreas Metzler wrote:
[...]
> > Due to insufficient quoting it is possible to pass on arbitrary
> > arguments to spfquery and therefore bypass SPF checks. The fix is not
> > invasive, but it changes dpkg conffiles.
[...]
> Just to be clear: The underquoting does not yield a situation where one
> can use shell escapes or similar? It's "just" about being able to bypass
> the SPF check by supplying crafted data?

Hello,

As exim's ${run ...} expansion does not use a shell and there is no
recursive expansion nothing dangerous should happen there. However I
just do not know (and cannot judge) whether spfquery handles broken
input that badly.

cu andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'