[exim-dev] [Bug 1044] CVE-2010-4345 exim privilege escalatio…

Author: David Woodhouse
To: exim-dev
Subject: [exim-dev] [Bug 1044] CVE-2010-4345 exim privilege escalation

--- Comment #2 from David Woodhouse <dwmw2@???> 2010-12-11 00:23:42 ---
I found a bug in that patch; we can't just refrain from setting config_changed.
That flag is used for more than the decision of whether to drop privs. It's
used in child.c too.

I think I'm going to end up doing a new config option TRUSTED_CONFIG_PREFIXES
which is a colon-separated list of acceptable prefixes (or full filenames).
