Re: [exim] [Exim RPM w/ mysql-enable for FC2] Anybody out th…

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Wakko Warner
Date:  
À: Nigel Metheringham
CC: exim-users
Sujet: Re: [exim] [Exim RPM w/ mysql-enable for FC2] Anybody out there whohad installed mysql enabled exim rpm for fedora core 2?
> > I hadn't really given it a thought as to where the modules would be, but I
> > would think that looking in only 1 place would work.
> >
> > base path would be /usr/lib/exim and under that, you'd have a directory for
> > routers, transports, authenticators, etc.
>
> Are there security implications I have missed that would be triggered if
> you treated dynamically loadable chunks the same as the -C <config file>
> option?


I wouldn't think there would be if the path was configured at compile time.

> So specifying a loadable module on the command line drops privilege in
> the same way as a config file change.


There would not be an option to specify loadable modules on the command
line. It would be taken from the driver = or lookup{}xxx. Of course, it
would only allow alpha-numerics.

> BTW are we really talking about making everything loadable, or is this
> really useful only for lookups? AFAICS lookups are currently the only
> things that have significant reason to be separated out - not so much
> due to the code size itself, but due to the libraries they pull in and
> the dependencies they generate on exim (so a system ends up requiring 4
> database libraries when it only uses one of the databases).


Yes, I was thinking of everything. Routers, transports, authenticators.
Basically all the directories that's under the src/ directory (excluding the
pcre)

I was actually considering doing the same thing for ACL conditions. It
would be trickier though. If it could be pulled off, it might be possible
for exiscan to be a loadable module. Since I have never used/seen the
exiscan code, I can't say if it could be.

--
Lab tests show that use of micro$oft causes cancer in lab animals