Author: Andreas Date: To: exim-users Subject: Re: [exim] tainted data issues
Am 10.11.2020 um 10:33 schrieb Mike Tubby via Exim-users: >
>
> On 10/11/2020 08:37, Julian Bradfield via Exim-users wrote:
>> I thought it was standard practice in introducing a new feature that
>> causes major breakage to existing installations, to take a three step
>> approach. First you provide the feature, and give it an enabling
>> switch with three levels "off", "warn but don't error", "on".
>> Then in successive releases you change the default value of the
>> enabling switch, and ultimately you remove the enabling switch.
>>
>> I understand that taint protection is considered a security feature,
>> but it's a feature exim users have done without for decades, so I
>> can't really see that there was a particularly urgent need to
>> introduce it in a big bang.
>>
>
> In one word "upvote".
>
> I am all for improved security but a single "step change" that breaks
> existing configurations is IMHO going too far.
>
> taint_mode = off | warn | enforce
>
> Would have been nice ;-)
>
>
> Mike
>
>
> Or in two words "upvote too".
I think "do or die" never is best practice.
If the next dist-upgrades breaks all of our exim installations all
updgrades had to be done by some "specialists" and and our normal
technicians can't do it during the normal update process without
breaking the whole service.
An exim switch like "test config for security" to check working
configurations for security issues would be nice. Like the "warn" from
above. And if all is good enforce as above. Well, above is nice! :)
And for the files, I really appreciate all your hard and good work and I
really love exim for the freedom to configure it in the way we need it ;)
