X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fsrc%2Fspool_in.c;h=cd74d1ee7cee74ba611b0cbc75cc1872a8aed84f;hb=49e56fb37f587bf0e69d2fbe76fa0793f898c26f;hp=0a281f432f6eb6ba632eaeaa724808787bf5ce69;hpb=9723f9667322bf96db786fa49d53139a48fabc5e;p=user%2Fhenk%2Fcode%2Fexim.git

diff --git a/src/src/spool_in.c b/src/src/spool_in.c
index 0a281f432..cd74d1ee7 100644
--- a/src/src/spool_in.c
+++ b/src/src/spool_in.c
@@ -57,9 +57,17 @@ for (i = 0; i < 2; i++)
   fname = spool_fname(US"input", message_subdir, id, US"-D");
   DEBUG(D_deliver) debug_printf("Trying spool file %s\n", fname);
 
+  /* We protect against symlink attacks both in not propagating the
+   * file-descriptor to other processes as we exec, and also ensuring that we
+   * don't even open symlinks.
+   * No -D file inside the spool area should be a symlink.
+   */
   if ((fd = Uopen(fname,
 #ifdef O_CLOEXEC
 		      O_CLOEXEC |
+#endif
+#ifdef O_NOFOLLOW
+		      O_NOFOLLOW |
 #endif
 		      O_RDWR | O_APPEND, 0)) >= 0)
     break;
@@ -263,7 +271,7 @@ bmi_verdicts = NULL;
 #ifndef DISABLE_DKIM
 dkim_signers = NULL;
 dkim_disable_verify = FALSE;
-dkim_collect_input = FALSE;
+dkim_collect_input = 0;
 #endif
 
 #ifdef SUPPORT_TLS