Re: [Exim] Exim filters and potential security issues.

Top Page
Delete this message
Reply to this message
Author: Nico Erfurth
Date:  
To: Tony Finch
CC: exim-users
Subject: Re: [Exim] Exim filters and potential security issues.
Tony Finch wrote:
> Nico Erfurth <masta@???> wrote:
>
>>2.) Exim filters have a nice feature, they allow to log with the
>>    logfile/logwrite commands, BUT in a virtual only setup, this can
>>    lead to problems. When all users are using the same UID and are
>>    allowed to use exim-filters (as on my machine), an attacker could be
>>    able to use logwrite to write mail into some other users maildir, or
>>    doing other REALLY worse things.

>
>
> forbid_filter_logwrite


*slapsforehead* Ok, it was too late yesterday ;)

Nico