Re: [exim] Exim 4.84_2 #1 : WARNING: purging the environment…

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: Always Learning
Ημερομηνία:  
Προς: Exim
Αντικείμενο: Re: [exim] Exim 4.84_2 #1 : WARNING: purging the environment.

On Mon, 2016-04-18 at 11:37 +0100, Jeremy Harris wrote:


> On 18/04/16 01:47, Always Learning wrote:
> > I'll add 'PATH' to the keep_environment parameter.


> Don't just blindly do it; assess your needs and only
> keep what you need. It's a vulnerability attack
> surface.


'PATH' was someone else's helpful suggestion :-)

(1) I don't understand the purpose of keep_environment. Is it a
collection of directory/file strings (separated by colons or
semi-colons ?) that Exim uses for launching or calling routines or other
programmes ?

If so, how will that prevent an unauthorised person gaining system
access ?


(2) My Exim is in /usr/sbin/exim and it calls, to my knowledge and
belief, nothing other than its own Exim routines. It does
use /var/spool/exim/ and /var/log/exim/ but neither have executables
(binaries or text files marked executable).

Is the illuminating wisdom now in the Exim documentation ?


Thanks Jeremy.



--
Regards,

Paul.
England, EU.      England's place is in the European Union.