On Wed, 9 Feb 2011 13:59:34 +0100 Heiko Schlittermann wrote:
> Frank Elsner <Frank.Elsner@???> (Wed Feb 9 13:15:20 2011):
> > On Wed, 9 Feb 2011 07:00:34 -0500 Phil Pennock wrote:
> >
> > [ ... ]
> >
> > > You didn't read README.UPDATING or the announcement for 4.73?
> >
> > Yes, maybe I misunderstand it :-(
> >
> > [ ... ]
> >
> > > See README.UPDATING for more.
> >
> > | * The Exim run-time user can no longer be root; this was always
> > | strongly discouraged, but is now prohibited both at build and
> > | run-time. If you need Exim to run routinely as root, you'll need to
> > | patch the source and accept the risk. Here be dragons.
> >
> > I have EXIM_USER=ref:exim in Local/Makefile.
> > User "exim" is uid 103 in /etc/passwd.
> >
> > But the binary is
> >
> > -rwsr-xr-x 1 root root 864428 Feb 9 11:27 exim-4.74
>
> > Setuid to bind to port 25, I guess? Or should I remove it?
>
> If started by root, it doesn't matter. Exim should change it's euid
> after binding to the port.
>
> How is your exim started? Using some -C oder -D option?
None of both.
> As far as I understand, the suid bit is used to change the euid/egid to whatever for
> local transports.
>
> The config file is not owned by your exim user?
It's
-rw-r--r-- 1 root root 12106 Feb 2 11:34 exim4.conf
> If you add the "pid" logselector, you should see, that a new process is
> forked for delivery.
I'll give it a try.
--Frank Elsner
