On Thu, 2013-06-06 at 18:30 -0700, Michael Deutschmann wrote:
> As long as you start as the compiled-in exim user, Exim will honor a "-C"
> from the command-line and use its root privileges to execute that
> configuration.
FWIW this isn't true any more¹. Even the Exim user can only invoke Exim
with a config file which is explicitly permitted.
There were enough other ways to permanently gain root privs, *other*
than "run a pipe as the root user", that this was necessary.
I suppose that might mean that FIXED_NEVER_USERS is redundant now.
--
David Woodhouse Open Source Technology Centre
David.Woodhouse@??? Intel Corporation
¹ Since 4.73. See
http://bugs.exim.org/show_bug.cgi?id=1044 and
http://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.73
