On 2013-05-20 at 11:02 -0700, Todd Lyons wrote:
> Figured out the problem with using the list method for path
> manipulation. My latest code is at:
> http://git.exim.org/users/tlyons/exim.git
I looked *very* briefly with:
git diff e2658fff tlyons/master_volatile_python
It looks good to me.
> 2. If full path to python script is specified, it splits the path and
> adds it to the system paths, then attempts to load it.
This should be called out very clearly, perhaps even in the security
section too, as it affects what code will be loaded into a root-run
process and folks should know that they will be implicitly trusting
everything in a directory from which they load code, not just the file
that they load.
It *might* also be worth making something that can be disabled. Folks
who want it, will love it. Folks who don't want it ... will not.
Perhaps instead, just make a third Exim option?
python_sys_path_prepend?
python_sys_path_prepend = /etc/exim/python
python_startup = /etc/exim/python/startup.py
Make sense? I suspect, if you do it that way, the second can even
become "python_startup = startup.py", using the newly adjusted sys.path ?
I'm currently in SF, will be back in Pittsburgh early Saturday morning
and *might* have time to catch up on some Exim stuff early next week.
-Phil