[exim] Re: How to test my userforward ie. forward?

Top Page
Delete this message
Reply to this message
Author: Ian Z via Exim-users
Date:  
To: exim-users
Subject: [exim] Re: How to test my userforward ie. forward?
On Mon, May 15, 2023 at 05:45:33PM +0100, Graeme Fowler via Exim-users wrote:

> > Have secrets in a separate file?


> That can be done already, in a variety of different ways. I suggest
> you have a read of the documentation.


If that was meant for me, it's a misunderstanding. I am very well aware
of the possibilities, I was pointing that out myself.

> That said, a lot of server software which may use privileged ports
> or provide access to content - like Apache httpd, Tomcat, MariaDB,
> PostgreSQL etc - do not allow arbitrary non-privileged users to read
> their configuration.


> It's not security by obscurity, it's a basic fundamental good
> practice on UNIX-like systems and it's been like that since the very
> early days of the OS. It's not likely to change any time soon.


In a default install of Debian (and systems derived from it) certainly
most of those files are world readable. I think the same is the case
for other major distros, though I have used them much less.

--
Ian

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/