Re: [exim] 2 smallish security issues

Top Page
Delete this message
Reply to this message
Author: John W. Baxter
Date:  
To: exim-users
Subject: Re: [exim] 2 smallish security issues
On 1/4/2005 6:54, "Philip Hazel" <ph10@???> wrote:

>    The report stated that Exim was running as "exim" when the problem
> occurred:
>    with -be, Exim runs as the calling user.


If the calling user is root, does Exim still run as the calling user when
doing the
exim -be
command?

If it does, should it, or should it revert to the exim user in that
circumstance (if the expansion involves a file read, the difference could
matter, but this incompatible change wouldn't affect configuration files)?

---John