Re: [exim-dev] Candidate patches for privilege escalation

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: David Woodhouse
Ημερομηνία:  
Προς: Phil Pennock
Υ/ο: exim-dev
Αντικείμενο: Re: [exim-dev] Candidate patches for privilege escalation
On Mon, 2010-12-13 at 21:30 +0000, David Woodhouse wrote:
> > define a list of macros which can be overriden on the command-line with
> > -D when the user is Exim? That way, things like -DTLS can be passed
> > through safely.


Sorry, I didn't address that directly.

I did ponder it briefly but didn't see how it could be done. Would you
also have a whitelist of what the *contents* of those macros can be? Or
can I still do '-DTLS=${run{/bin/chmod u+s /bin/bash}}' or something
similar if TLS is on the list?

--
dwmw2