Author: David Woodhouse Date: To: Andreas Metzler, exim-dev Subject: Re: [exim-dev] [PATCH 2/3] Don't allow a configure file which
iswriteable by the Exim user or group
Thanks for the feedback. I'll fix that and push later this evening.
With that done, I think the biggest issue with privilege escalation is mostly dealt with. An attacker can't make their own config file; they'd have to find a root-owned file lying around which looked enough like an Exim config and did something stupid.
It's not a panacea; we do want to kill ALT_CONFIG_ROOT_ONLY too and do some kind of whitelist of trusted configs. But it's a large part of the answer.