Autor: David Woodhouse Datum: To: Phil Pennock CC: exim-dev Betreff: Re: [exim-dev] Candidate patches for privilege escalation
On Mon, 2010-12-13 at 21:30 +0000, David Woodhouse wrote: > > define a list of macros which can be overriden on the command-line with
> > -D when the user is Exim? That way, things like -DTLS can be passed
> > through safely.
Sorry, I didn't address that directly.
I did ponder it briefly but didn't see how it could be done. Would you
also have a whitelist of what the *contents* of those macros can be? Or
can I still do '-DTLS=${run{/bin/chmod u+s /bin/bash}}' or something
similar if TLS is on the list?