Author: Phil Pennock Date: To: Frank Elsner CC: Exim Users Subject: Re: [exim] Problem with exim-4.74 + mailman
On 2011-02-09 at 12:35 +0100, Frank Elsner wrote: > after upgrade from exim-4.69 to exim-4.74 I ran into problems with the
> mailman and my configuration. Exim is UID=103.
>
> 2011-02-09 11:28:25 1Pn7Hd-00077B-Dv unable to set gid=104 or uid=104 (euid=103): local delivery to list <list@???> transport=mailman_transport
>
> 2011-02-09 11:29:03 1Pn7IF-00077Z-AC unable to set gid=1 or uid=103 (euid=103): remote delivery to recipient@??? with transport=smtp
>
> What's going on?
You didn't read README.UPDATING or the announcement for 4.73?
To avoid privilege escalation from the exim run-time user to root
(arbitrary code execution of the exim run-time user's choosing), some
setups that used to work no longer do so by default.
In particular, if you're using -C on the command-line, you need to build
Exim with TRUSTED_CONFIG_LIST defined; that points to a file which
contains a list of trusted configs, one per line.
If you're using -D on the command-line then you need to build Exim with
WHITELIST_D_MACROS containing the names of any macros you need to
preserve (and the values of the macros are filtered).
