Is there some security reason that stops you from making
/etc/exim/email2username world readable?? I agree that exim should
probably switch back to it's own id at that point but I guess no one
noticed before because everyone has these files readable.
On Jul 3, Steven Clarke <steven.clarke@???> wrote:
>
> : Expansion of
> : ${lookup{$1}lsearch{/etc/exim/email2username}{$value}fail}@???
> : failed while rewriting: failed to open /etc/exim/email2username for linear
> : search: Permission denied) = 211
>
> Exim seems to be setting the euid to that of the user to read the .forward
> file but not setting it back exim's uid to read the files needed by the
> rewriting code?
>
> Any suggestions to what I've missed or am I going to have to change to
> setuid security and accept the extra overheads?
>
> Extra notes:
>
> Address rewriting reads:
> *@lsearch;/etc/exim/localdomains \
> ${lookup{$1}lsearch{/etc/exim/username2email}\
> {$value}fail}@??? Ffr
>
> *@lsearch;/etc/exim/localdomains \
> ${lookup{$1}lsearch{/etc/exim/email2username}\
> {$value}fail}@??? T
>
> Steve Clarke
>
--
Artificial Intelligence stands no chance against Natural Stupidity.
GAT d- -p+(--) c++++ l++ u++ t- m--- W--- !v
b+++ e* s-/+ n-(?) h++ f+g+ w+++ y*
