On Sat, 29 Dec 2001, dman wrote:
> | If so, wouldn't it be good to specifiy them as text strings and have
> | the exim application dynamically get the right numbers at runtime?
>
> I don't know enough about this to say. Perhaps there is some sort of
> security issues with doing this.
In order to work fully, Exim needs to know the numbers at compile time.
In Exim 4, you can specify them as names at compile time and it will
figure out the numbers for you. (I stopped being lazy.)
You can specify exim_user at run time, but it is much safer to specify
it at compile time so that it is known from the very start of execution.
I said "fully" above because of cases like this: You can run Exim with
an alternate configuration file, by means of the -C option. However,
unless Exim is called by root or the Exim user, it gives up root
privilege in this case (because otherwise it would be a security
exposure). But if it doesn't know what the Exim uid is before reading
the configuration file, it can't implement this feature.
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
