On Tue, 4 Feb 2003, Sheldon Hearn wrote:
> > I don't think filenames need to be unpredictable in Exim.
>
> So when Exim delivers a message locally into a Maildir format mailbox,
> it takes care not to follow a symlink, yes? :-)
What am I missing here? What has unpredictable file names got to do with
symlinks?
> Looking at appendfile.c, I see that Exim _does_ take care to avoid this.
Indeed, it avoids symlinks in general, precisely for security reasons
(though I was persuaded to implement allow_symlink as an option for
single-file mailboxes).
> The comments don't suggest that this was taken into consideration during
> design.
What was taken into account? I'm clearly missing something...
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
