Re: [Exim] Configuration data that is sensitive

Etusivu
Poista viesti
Vastaa
Lähettäjä: Nigel Metheringham
Päiväys:  
Vastaanottaja: Philip Hazel
Kopio: exim-users
Uudet otsikot: [Exim] ASMTP Sending with netscape
Aihe: Re: [Exim] Configuration data that is sensitive
ph10@??? said:
> (2) Invent a notional flag that is set for certain options,
> restricting them to admin users only. This is not a huge amount of
> work, and I think there are only a few such options:

...
>    all the query or queries options, because they can contain 
>      password information in LDAP queries


Isn't that anything thats an expanded string, host list or domain list
included there? Thats quite a lot....

You could special case -bP - *before* reading the config, if the
command is a -bP, setuid() to the invoking UID. Then you decide on
config visisbility by config file permissions.

    Nigel.



-- 
[ - Opinions expressed are personal and may not be shared by VData - ]
[ Nigel Metheringham                  Nigel.Metheringham@??? ]
[ Phone: +44 1423 850000                         Fax +44 1423 858866 ]