Re: [Exim] Configuration data that is sensitive

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Philip Hazel
Date:  
À: Nigel Metheringham
CC: exim-users
Sujet: Re: [Exim] Configuration data that is sensitive
On Fri, 29 Sep 2000, Nigel Metheringham wrote:

> >    all the query or queries options, because they can contain 
> >      password information in LDAP queries

>
> Isn't that anything thats an expanded string, host list or domain list
> included there? Thats quite a lot....


Sorry. I meant the options whose names are explicitly "query" and
"queries". But you are right, it may not be a sensible thing. Now, if I
hadn't packaged the LDAP passwords in with the query...

> You could special case -bP - *before* reading the config, if the
> command is a -bP, setuid() to the invoking UID. Then you decide on
> config visisbility by config file permissions.


Hmm.


-- 
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.