Re: [Exim] Minor security problem in both Exim 3 and 4

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Philip Hazel
Dátum:  
Címzett: John Horne
CC: exim-users
Tárgy: Re: [Exim] Minor security problem in both Exim 3 and 4
On Wed, 4 Dec 2002, John Horne wrote:

> Could this problem also exist if pid_file_path is set (with %s) in the
> Makefile used to build exim (although the option itself may not be specified
> in the configure file)? If so, then perhaps the exploit could exist without
> the need to change the configure file or restart exim?


Yes, but then the builder of Exim would have been the person trying to
break it, because you have to specify a "nasty" string in order to make
the exploit work.

--
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.