Critical vulnerability in Exim allowing code execution on the server with root privileges.

A critical vulnerability (CVE-2019-10149) has been identified in the Exim mail server that can lead to remote code execution on the server with root privileges when a specially crafted request is processed. The issue is exploitable in versions from 4.87 through 4.91 inclusive, or when Exim is built with the EXPERIMENTAL_EVENT option.

In the default configuration, the attack can be carried out without additional complications by a local user, because the "verify = recipient" ACL is applied, which performs additional checks on external addresses. A remote attack becomes possible when the settings are changed, for example by acting as a secondary MX for another domain, removing the "verify=recipient" ACL, or making certain changes to local_part_suffix. A remote attack is also possible if the attacker can keep the connection to the server open for 7 days (for example, by sending one byte per minute to avoid the timeout). At the same time, it is possible that simpler attack vectors exist for remote exploitation of the issue.

The vulnerability is caused by incorrect verification of the recipient address in the deliver_message() function defined in the file /src/deliver.c. By manipulating the format of the address, an attacker can have their own data substituted into the arguments of the command invoked through the execv() function with root privileges. Exploitation does not require the sophisticated techniques used for buffer overflows or memory corruption; simple substitution is enough.

The issue is related to the use of the following constructs for address conversion:

deliver_localpart = expand_string(
string_sprintf("${local_part:%s}", new->address));
deliver_domain = expand_string(
string_sprintf("${domain:%s}", new->address));

The expand_string() function is a very complex combinator that, among other things, recognises the "${run{command arguments}" directive, which leads to the launch of an external handler. Thus, to attack from within an SMTP session, a local user only needs to send a command such as 'RCPT TO "username+${run{...}}@localhost"', where localhost is one of the hosts in the local_domains list and username is the name of an existing local user.

If the server acts as a mail relay, it is enough to remotely send the command 'RCPT TO "${run{...}}@relaydomain.com"', where relaydomain.com is one of the hosts listed in the relay_to_domains section of the settings. Since Exim by default does not drop privileged mode (deliver_drop_privilege = false), commands passed via "${run{...}}" are executed as root.
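As an added example (not code from the advisory or from the Exim project), the following Python checks whether a reported Exim version falls in the affected 4.87 to 4.91 range and scans mail log lines for recipient addresses that carry string-expansion syntax, flagging "${run{" separately. The log lines are constructed and only loosely follow Exim's mainlog layout; the function names and regular expressions are this example's own assumptions.

```python
import re
from typing import List, Tuple

# Any "${" in a recipient address is suspect, because expand_string()
# interprets every expansion item; "${run{" is the one the advisory describes.
EXPANSION_RE = re.compile(r"\$\{")
RUN_RE = re.compile(r"\$\{run\{", re.IGNORECASE)

# Exim logs addresses inside angle brackets, e.g. "rejected RCPT <addr>".
RCPT_RE = re.compile(r"<([^<>]*)>")


def is_affected_version(version: str) -> bool:
    """True for Exim 4.87 through 4.91 inclusive (the range named in the
    advisory). A build with EXPERIMENTAL_EVENT cannot be told from the
    version string alone, so that case is not covered here."""
    m = re.match(r"^(\d+)\.(\d+)", version)
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    major, minor = int(m.group(1)), int(m.group(2))
    return major == 4 and 87 <= minor <= 91


def find_suspicious_recipients(log_lines: List[str]) -> List[Tuple[int, str, str]]:
    """Return (line_number, address, severity) for every bracketed address
    containing expansion syntax. severity is 'run' when ${run{ is present,
    otherwise 'expansion'."""
    hits = []
    for n, line in enumerate(log_lines, start=1):
        for addr in RCPT_RE.findall(line):
            if RUN_RE.search(addr):
                hits.append((n, addr, "run"))
            elif EXPANSION_RE.search(addr):
                hits.append((n, addr, "expansion"))
    return hits


# Constructed sample lines (not real log data).
SAMPLE_LOG = [
    "2019-06-05 10:00:01 1hYxyz-0001AB-CD <= alice@example.org H=mail.example.org [192.0.2.10] S=1234",
    "2019-06-05 10:00:02 1hYxyz-0001AB-CD => bob <bob@localhost> R=localuser T=local_delivery",
    "2019-06-05 10:00:03 H=(probe) [198.51.100.7] F=<x@example.net> rejected RCPT <bob+${run{...}}@localhost>: relay not permitted",
    "2019-06-05 10:00:04 H=(probe) [198.51.100.8] F=<y@example.net> rejected RCPT <${lookup{...}}@relaydomain.com>: unrouteable",
]

if __name__ == "__main__":
    print("affected:", is_affected_version("4.91"))
    for hit in find_suspicious_recipients(SAMPLE_LOG):
        print(hit)
```

Note that a recipient is only logged if Exim reaches the point of recording it; on an unpatched server the expansion may already have run, so the version check, not the log scan, is the authoritative test.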

It is worth noting that the vulnerability was eliminated in release 4.92, published in February, without any indication that the fix addressed a security problem. There is no reason to believe the Exim developers deliberately concealed the vulnerability: the problem was fixed in passing as part of a correction for a failure that occurred when malformed addresses were passed, and the vulnerability was identified by Qualys during an audit of changes in Exim.

Fixes for the earlier versions still shipped by distributions are currently available only as a patch. The release of fixes for the earlier branches to correct this issue is scheduled for June 11. Package updates have been prepared for Debian, Ubuntu and openSUSE. Arch Linux and Fedora ship version 4.92, in which the issue is not present. RHEL and CentOS are not affected, because Exim is not included in their regular package repositories.

Source: opennet.ru
