Autor: Jeremy Harris Data: Para: exim-users Asunto: Re: [exim] Systemd sandboxing, syscalls etc.
On 13/02/2020 12:03, Kai Bojens via Exim-users wrote: > Would it be possible for the Exim project to provide some insights into
> which syscalls, capabilities, access to directores and so on are
> required?
Not in full. We don't maintain a register of all possibly-used
syscalls, and Exim can be built with many different combinations
of libraries, each of which would be using different syscall sets.
So far as filesystem use goes: we regard everything under the
spooldir top level as fair game, plus the config file and anything
it includes as config portions. But config content can also
specify additional file accesses; Ex does not limit where they are
placed, if any.
--
Cheers,
Jeremy