Author: Andreas Metzler Date: To: exim-dev Subject: Re: [exim-dev] Candidate patches for privilege escalation
On 2010-12-12 David Woodhouse <dwmw2@???> wrote:
[...] > - Add a TRUSTED_CONFIG_PREFIX_FILE option. If set, it gives a filename
> for a file that contains prefix strings, like the ALT_CONFIG_PREFIX.
> Each line in that file specifies a prefix for config files which are
> to be trusted, and executed with root privilege if seen in the -C
> option, regardless of which user Exim is invoked by. As long as the
> config file is not writeable by anyone but root, of course. [...]
<Mode proxy>
Ian Jackson wrote on debian-devel on Tue, 14 Dec 2010: > Right. It should probably also refuse to read filenames matching
> .* #* *# *~ *.tmp at the very least.
>
> You wouldn't want to edit your exim.conf to get rid of a security
> problem and find that the attacker could just tell it to use the old
> file ! </proxy>
