[exim] dynamically loaded lookups - was Re: Exim 4.74 immin…

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Dr Andrew C Aitchison
Date:  
À: Phil Pennock
CC: Exim Users
Anciens-sujets: [exim] Exim 4.74 imminent, security fix
Sujet: [exim] dynamically loaded lookups - was Re: Exim 4.74 imminent, security fix
On Fri, 21 Jan 2011, Phil Pennock wrote:

> Also, this release includes changes to let lookups by dynamically loaded
> by Exim, so that library dependencies can be constrained to .so files.
> This is known to work on Linux and FreeBSD. This is primarily intended
> for use by OS packagers, since if you're building your own Exim you
> should know which libraries you need and it will be faster to not have
> to repeatedly load modules.
>
> While this dynamic module support is mostly the same as the patches
> which have been used for some time by some OS packagers, there is an ABI
> change, so modules from previous patched Exim builds will not work with
> this, the first "official" support of dynamically loaded modules.


The diff from 4.73 is big enough that it isn't trivially obvious
that the are sanity checks to stop a (local) hacker from substituting
non-standard libraries. Can you confirm this ?

-- 
Dr. Andrew C. Aitchison        Computer Officer, DPMMS, Cambridge
A.C.Aitchison@???    http://www.dpmms.cam.ac.uk/~werdna