Author: W B Hacker
Date:
To: Dr Andrew C Aitchison
CC: exim-dev, David Woodhouse
Subject: Re: [exim-dev] What user should ${run...} in config file run as?

Dr Andrew C Aitchison wrote:
> On Mon, 13 Dec 2010, David Woodhouse wrote:
>
>> Why the hell did this work anyway?
>>
>> cat > e.conf<<'EEE'
>> spool_directory = ${run{/bin/chown root:root /var/spool/exim4/setuid}}
>> ${run{/bin/chmod 4755 /var/spool/exim4/setuid}}
>> EEE
>> exim -Ce.conf -q
>>
>> Why are we invoking ${run...} directives in the config file as root? Why
>> aren't we doing it as the Exim user?
>
> What proportion of exim installations use the ${run...} ${dlfunc...}
> and ${perl...} directives (I can find no evidence that we have ever
> used any of them)?

List discussions of those indicate that several folks - some perhaps
high-traffic, even if low box-count, DO use, and rely on, one or more of them.
>
> Is there a good reason not to leave these features out of the default
> build and make them available only as a compile time option ?
>
Given the obstacles to a one-size-fits-all solution to sanitizing those, that
looks like at least a near-term way to get a 'safer' rev out the door soonest.
They could go back into the default later - if/as/when more time has produced a
viable - and tested - consensus as to how-so. AND/OR remain compile-time
options, as many other things are.