Re: [Exim] user-filter and security

Top Page
Delete this message
Reply to this message
Author: Philip Hazel
Date:  
To: robert rotman
CC: exim-users
Subject: Re: [Exim] user-filter and security
On Sat, 6 Jan 2001, robert rotman wrote:

> How secure is it to let users make there own filters?
> What are possible risks if
> forbid_filter_logwrite
> forbid_filter_existstest
> forbid_filter_lookup
> is set?
>
> anyone any suggestions and/or experiance?


We let users make filter files, without setting any of those options,
because the users have login accounts, so the last two don't buy
anything. We haven't had any problems so far.

-- 
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.