Re: [Exim] Problem with address_pipe transports

Top Page
Delete this message
Reply to this message
Author: Tony Finch
Date:  
To: exim-users
Subject: Re: [Exim] Problem with address_pipe transports
Philip Hazel <ph10@???> wrote:
>
>When Exim is reading an incoming message, it is running as exim, not
>root, and it has given up its privilege. Consequently, it cannot change
>uid any more.
>
>This restricts the routers that can be used for verification. Any that
>require a change of uid cannot be used for verification. (Also it can
>only read files that exim can read, of course).
>
>One way round this is to put no_verify on the router. This is often a
>reasonable thing to do for forward file routers.


I think this is an important point which wasn't clear from the
documentation or from the tutorial you gave recently. It's a much more
concrete reason for using no_verify than I have seen before.

Looking through the documentation, I see that there is discussion
of this privilege issue under the require_files option and under
the redirect router. Perhaps there should be more cross-referencing.

Tony.
--
f.a.n.finch <dot@???> http://dotat.at/
BAILEY: SOUTHERLY 4 OR 5 DECREASING 3. RAIN AT TIMES. MODERATE OR POOR.