Re: BUG? "Illegal value in LDAP attribute. (#5.3.5)"

[Claudio Jeker <jeker@xxxxxxxxx>]

On Sun, Sep 12, 2004 at 05:23:01PM -0700, Entelin wrote:
> In ldap I added the attribute deliveryProgramPath with a value of
> "/usr/local/bin/maildrop -d $USER" and the control file
> ldapdefaultdotmode is ldapwithprog. If I send a message to this user it
> gets bounced with an error "Illegal value in LDAP attribute. (#5.3.5)".
> If I use something without arguments such as "/whatever/test.sh" it
> works. If I change qmailDotMode to dotonly instead of ldapwithprog and
> make a .qmail file with "|/usr/local/bin/maildrop -d $USER" in it it
> also works.
> 
> So did I find a bug?  :)
> 

No this ain't a bug. You need to set RESTRICT_PROG in qmail-ldap.h to 0.

From qmial-ldap.h:
/* if the sanitycheck function should be less restricted for
 * program pathes, this means especially that most special chars
 * of the shell are allowed (like &, &, ;, and <,|,>)
 * You should know what you are doing when disallowing this  */
/* 1 = restriced sanitycheck; 0 = less restriced sanitycheck */
#define RESTRICT_PROG 1

-- 
:wq Claudio